java Spring安全性拒绝来自客户端的所有请求
我正在使用带有Spring REST和Spring Security的ReactJS,当我执行以下操作时:
var myInit = {
method: 'GET',
headers: myHeaders,
mode: 'cors',
cache: 'default'
};
fetch("http://localhost:8080/api/employees", myInit)
.then(function (response) {
console.log(response.json());
}
)
.catch(function (error) {
console.log('There has been a problem with your fetch operation: ' + error.message);
});
浏览器响应:Unexpected token < in JSON at position 0在<!DOCTYPE..。
我确信这个问题是我的WebSecurity配置导致的:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/login", "/css/**", "/built/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.usernameParameter("username").passwordParameter("password")
.defaultSuccessUrl("/", true)
.and()
.httpBasic()
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/login?logout")
.and()
.exceptionHandling().accessDeniedPage("/403")
.and()
.csrf();
}
因为当我移除anyRequest.authenticated。它又起作用了,但我不知道如何修复
共 (0) 个答案