Step1: In Spring Mvc submitting the form using ajax,worked fine.
Step2: Integrating same spring MVC project with spring security(without ajax form submit in spring mvc) also worked fine.
But now when tried to integrate same (step2 project) spring MVC + Spring security and also introducing ajax form submit for spring mvc form end up with the error 405 on the browser
405: method not allowed, Request method 'POST' not supported
**General**
Request URL:http://localhost:8080/Springmvc-ajax-security/submitForm.web
Request Method:POST
Status Code:405 Method Not Allowed
Remote Address:[::1]:8080
**Response header**
Allow:GET
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Length:1085
Content-Type:text/html
Date:Sat, 26 Mar 2016 12:12:00 GMT
Expires:0
Pragma:no-cache
Server:Apache-Coyote/1.1
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block
**Request header**
Accept:application/json, text/javascript, */*; q=0.01
Accept-Encoding:gzip, deflate
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Content-Length:117
Content-Type:application/json; charset=UTF-8
Cookie:JSESSIONID=019622188DB97DEF5F2D1AE716032C41
Host:localhost:8080
Origin:http://localhost:8080
Referer:http://localhost:8080/Springmvc-ajax-security/helloWorld.web
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36
X-Requested-With:XMLHttpRequest
**Request payload**
{"studentName":"Noorus","studentBranch":"CS","studentDept":"computer","_csrf":"b68fbffe-d7a0-40eb-9edc-74d0f6408556"}
StudentController.java
@RequestMapping(value="/submitForm.web", method = RequestMethod.POST)
public @ResponseBody Student submittedFromData(@RequestBody Student student, HttpServletRequest request) {
return student;
}
student.jsp
<body>
<form:form id="submitForm" action="submitForm.web" method="post"
commandName="student">
<fieldset style="width: 300px;">
<legend>Student details</legend>
<ol>
<li><label for=studentName>Student Name</label> <form:input
path="studentName" name="studentName" type="text"
placeholder="First and last name" /></li>
<li>
<p>
<label for=studentBranch>Student Branch</label>
<form:input path="studentBranch" name="studentBranch" type="text" />
</p>
</li>
<li>
<p>
<label for=studentDept>Student Department</label>
<form:input path="studentDept" name="studentDept" type="text"
required="true" />
</p>
</li>
</ol>
</fieldset>
<fieldset style="width: 300px;">
<input id="submitId" type="submit" value="Submit Form">
</fieldset>
</form:form>
</body>
<!-- <script type="text/javascript" src="resources/js/submit.js"></script> -->
<script type="text/javascript">
$(document).ready(function() {
alert("welcome to js page");
$('#submitForm').submit(function(e) {
var frm = $('#submitForm');
e.preventDefault();
var data = {}
var Form = this;
//Gather Data also remove undefined keys(buttons)
$.each(this, function(i, v){
var input = $(v);
data[input.attr("name")] = input.val();
delete data["undefined"];
});
$.ajax({
contentType : 'application/json; charset=utf-8',
type: frm.attr('method'),
url: frm.attr('action'),
dataType : 'json',
data : JSON.stringify(data),
success : function(callback){
alert("Response: Name: "+callback.studentName+" Branch: "+callback.studentBranch+" Department: "+callback.studentDept);
$(this).html("Success!");
},
error : function(){
$(this).html("Error!");
}
});
});
});
</script>
Student.java
@Entity
@Table(name="student")
public class Student implements Serializable{
private static final long serialVersionUID = 1L;
@Id
@GeneratedValue(strategy=GenerationType.AUTO)
@Column(name="studentId")
Long studentId;
@Column(name="studentName")
String studentName;
@Column(name="studentDept")
String studentDept;
@Column(name="studentBranch")
String studentBranch;
public Student() {
super();
}
getter & setter
}
Thanks in advance
I had a similar issue, where I was using Ajax with Spring Security and in my case disabling the csrf worked for my security configuration.
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.csrf().disable();
}
}
your payload is sending _csrf which is like extra data in your object.{"studentName":"Noorus","studentBranch":"CS","studentDept":"computer", "_csrf":"b68fbffe-d7a0-40eb-9edc-74d0f6408556" }
But if you see your model class it does not have _csrf field. it could be the reason where request is looking for exact match method and it is not finding so it is showing 405.
@RequestMapping(value="/submitForm.web", method = RequestMethod.GET)
你不是说method = RequestMethod.POST
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.