Spring security 4.0.1 Request method 'POST' not supported
Question
This morning i was updating my external libraries of a project. I did this one library at a time, so if something did go wrong i did know what update did cause it.
After i upgraded spring security from 3.2 to 4.0.1.RELEASE the problem started. It seems i cannot submit any form with POST, i always get the error message:
HTTP Status 405 - Request method 'POST' not supported
I confirmed that my mappings are correct and accept POST's:
2015-07-19 13:03:21,916 [ Thread-1] INFO n.RequestMappingHandlerMapping - Mapped "{[/_/account/add],methods=[POST]}" onto public java.lang.String com..web.AccountController.add(com..web.data.Account,org.springframework.validation.BindingResult,org.springframework.ui.Model,org.springframework.web.servlet.mvc.support.RedirectAttributes,javax.servlet.http.HttpServletRequest)
2015-07-19 13:03:21,916 [ Thread-1] INFO n.RequestMappingHandlerMapping - Mapped "{[/_/account/add],methods=[GET]}" onto public java.lang.String com..web.AccountController.add(com..web.data.Account,org.springframework.ui.Model)
I highly suspect this is related to the upgrade of spring-security from 3.2 to 4.0.1, because everything did work correctly with 3.2.
Anybody know what causes the "Request method 'POST' not supported" when using spring security 4.0.1?
1 answers
solution1
2 ACCPTED 2015-07-19 11:19:28
Oops, i should have read the "what's new" documentation a bit better. It seems CSRF is enabled by default in spring security 4.0.1. Adding the csrf token as hidden fields does the trick:
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.