How to Solve 403 Error in Spring Boot Post Request (#14303)

* How to Solve 403 Error in Spring Boot Post Request * How to Solve 403 Error in Spring Boot Post Request
2023-07-08 13:50:38 +00:00 · 2023-07-08 13:50:38 +00:00 · afb42b5674
parent 571df122f7
commit afb42b5674
2 changed files with 58 additions and 0 deletions
--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/controller/TestController.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/controller/TestController.java
@ -0,0 +1,14 @@
+package com.baeldung.forbiddenerror.controller;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class TestController {
+
+    @PostMapping("/test-request")
+    public ResponseEntity<String> testPostRequest() {
+        return ResponseEntity.ok("POST request successful");
+    }
+}
--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/security/WebSecurityConfig.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/security/WebSecurityConfig.java
@ -0,0 +1,44 @@
+package com.baeldung.forbiddenerror.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+import static org.springframework.security.config.Customizer.withDefaults;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig {
+
+    @Bean
+    public InMemoryUserDetailsManager userDetailsService() {
+        UserDetails user = User.withUsername("user")
+          .password(encoder().encode("userPass"))
+          .roles("USER")
+          .build();
+        return new InMemoryUserDetailsManager(user);
+    }
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http.authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest()
+          .authenticated())
+          .httpBasic(withDefaults())
+          .formLogin(withDefaults())
+          .csrf(AbstractHttpConfigurer::disable);
+        return http.build();
+    }
+
+    @Bean
+    public PasswordEncoder encoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+}