堆栈内存溢出
  繁体   English   中英

错误未经授权,需要完全验证才能访问此资源

[英]Error Unauthorized, Full authentication is required to access this resource

 原文  2018-01-20 08:38:14       java/ tomcat/ spring-boot/ spring-security/ spring-boot-actuator

问题描述

我正在尝试向我的API中的端点发出请求,但是每次访问执行器端点的尝试均会返回401 错误,需要完全身份验证才能访问此资源 在将用户密码存储在数据库中之前,我仅使用spring security对用户密码进行加密。 我已经检查了所有类似的问题,并实施了所提供的所有解决方案,但仍然没有运气。

这是我的代码:

application.properties 

server.port=8080
spring.jpa.hibernate.ddl-auto=create
spring.datasource.url=jdbc:mysql://localhost:3306/DevUserManagementDB
spring.datasource.username=root
spring.datasource.password=toor
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
#spring.jpa.database-platform=org.hibernate.dialect.MySQL5Dialect
spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5Dialect
spring.jpa.hibernate.ddl-auto=update
management.security.enabled=false

pom.xml 

<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>1.5.9.RELEASE</version>
    <relativePath/> <!-- lookup parent from repository -->
</parent>

<properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
    <java.version>1.8</java.version>
</properties>
<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
    </dependency>
            <dependency>
                    <groupId>mysql</groupId>
                    <artifactId>mysql-connector-java</artifactId>
            </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>

        <dependency>
                <groupId>org.eclipse.persistence</groupId>
                <artifactId>javax.persistence</artifactId>
                <version>2.2.0</version>
                <type>jar</type>
        </dependency>
            <dependency>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-starter-actuator</artifactId>
            </dependency>

        <!-- Spring Security -->
           <dependency>
                  <groupId>org.springframework.boot</groupId>
                  <artifactId>spring-boot-starter-security</artifactId>

            </dependency>

            <dependency>
                  <groupId>org.springframework.boot</groupId>
                  <artifactId>spring-boot-devtools</artifactId>
            </dependency>

            <dependency>
                 <groupId>commons-validator</groupId>
                 <artifactId>commons-validator</artifactId>
                 <version>1.6</version>
                    <type>jar</type>
            </dependency>
</dependencies>

<build>
    <plugins>
        <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
                            <configuration>
                                <executable>true</executable>
                            </configuration>
        </plugin>
    </plugins>
</build>

SecurityConfig.java 

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired  
private UserService userService;


@Override
protected void configure(HttpSecurity http) throws Exception {

    http.authorizeRequests().antMatchers("/users").permitAll()
            .antMatchers("/motion").permitAll().and().csrf().disable();
}
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService).passwordEncoder(passwordEncoder());
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

UserService.java 

@Service
@Transactional
public class UserService  implements UserDetailsService {

   @Autowired
   private PasswordEncoder passwordEncoder;

   public Response AddUser(Users user) {
      if( user == null ){
          throw new ResourceNotFoundException("Empty", "Missing Data Exception");
      } else {
          user.setPassword(passwordEncoder.encode(user.getPassword()));
          userRepository.save(user);
          String customerNum = Long.toString(userDetails.getCustomerNumber);
          return new Response("customerNum", "Customer Created Successfully");
      }

  }
}

1 个解决方案

解决方案1
 0  2018-01-20 09:01:06

如果仅使用spring安全类,那么最简单的方法是通过删除@EnableWebSecurity来禁用spring安全过滤器,即: 

@Configuration
public class SecurityConfig  {
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

如果您不希望这样做,也可以尝试以下方法: 

http.authorizeRequests().antMatchers("/**").permitAll().and().csrf().disable();

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 未经授权的错误:需要完全身份验证才能访问此资源 Spring Boot 2: {&quot;error&quot;:&quot;unauthorized&quot;,&quot;error_description&quot;:&quot;访问此资源需要完整身份验证&quot;} 启动应用程序时“未授权:访问此资源需要完全身份验证” cesecurity.jwt.AuthEntryPointJwt:未经授权的错误:访问此资源需要完全身份验证 状态=401,错误=未授权,消息=在尝试接收令牌时需要完全身份验证才能在 Spring 框架中访问此资源 spring oauth错误,需要完全认证才能访问此资源 错误:使用@PreAuthorize 时需要完全身份验证才能访问此资源 JAVA JPA 错误 401:“访问此资源需要完整身份验证” InsufficientAuthenticationException:访问此资源需要完全身份验证 Jhipster gateway 需要完整的身份验证才能访问此资源
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM