From afb42b567490b5bac6c90e9762607637773776a0 Mon Sep 17 00:00:00 2001 From: Michael Olayemi Date: Sat, 8 Jul 2023 13:50:38 +0000 Subject: [PATCH] How to Solve 403 Error in Spring Boot Post Request (#14303) * How to Solve 403 Error in Spring Boot Post Request * How to Solve 403 Error in Spring Boot Post Request --- .../controller/TestController.java | 14 ++++++ .../security/WebSecurityConfig.java | 44 +++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/controller/TestController.java create mode 100644 spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/security/WebSecurityConfig.java diff --git a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/controller/TestController.java b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/controller/TestController.java new file mode 100644 index 0000000000..2be0bf016c --- /dev/null +++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/controller/TestController.java @@ -0,0 +1,14 @@ +package com.baeldung.forbiddenerror.controller; + +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class TestController { + + @PostMapping("/test-request") + public ResponseEntity testPostRequest() { + return ResponseEntity.ok("POST request successful"); + } +} \ No newline at end of file diff --git a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/security/WebSecurityConfig.java b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/security/WebSecurityConfig.java new file mode 100644 index 0000000000..8751aa579b --- /dev/null +++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/security/WebSecurityConfig.java @@ -0,0 +1,44 @@ +package com.baeldung.forbiddenerror.security; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.provisioning.InMemoryUserDetailsManager; +import org.springframework.security.web.SecurityFilterChain; +import static org.springframework.security.config.Customizer.withDefaults; + +@Configuration +@EnableWebSecurity +public class WebSecurityConfig { + + @Bean + public InMemoryUserDetailsManager userDetailsService() { + UserDetails user = User.withUsername("user") + .password(encoder().encode("userPass")) + .roles("USER") + .build(); + return new InMemoryUserDetailsManager(user); + } + + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http.authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest() + .authenticated()) + .httpBasic(withDefaults()) + .formLogin(withDefaults()) + .csrf(AbstractHttpConfigurer::disable); + return http.build(); + } + + @Bean + public PasswordEncoder encoder() { + return new BCryptPasswordEncoder(); + } + +} \ No newline at end of file