admin管理员组

文章数量:1399762

SO I am building a Spring Boot application using Spring Security with JWT authentication. I’ve implemented a JwtAuthenticationFilter and configured it in my SecurityConfiguration, but I keep getting 403 Forbidden responses when accessing protected endpoints with a valid JWT.

I am sending the /register user with no header. But when Accessing the register endpoint, I get 403 unauthorized error. I have authorized HTTP endpoints, disabled crsf but the issue persists without any error messages. How to fix this error or find it's cause?

@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfiguration {
    private final JwtAuthenticationFilter jwtAuthenticationFilter;
    private final AuthenticationProvider authenticationProvider;
    private final CustomerAccessDeniedHandler customerAccessDeniedHandler;
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http, DefaultAuthenticationEventPublisher authenticationEventPublisher, JwtAuthenticationFilter jwtAuthenticationFilter) throws Exception {
        http
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(auth -> auth
                        .requestMatchers("/api/v1/auth/**").permitAll()
                        .anyRequest().authenticated())
                .sessionManagement(session -> session
                        .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .authenticationProvider(authenticationProvider)
                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);


        return http.build();
    }
}

本文标签: Spring Security JWT Returns 403 Forbidden on EndpointsStack Overflow

版权声明:本文标题:Spring Security JWT Returns 403 Forbidden on Endpoints - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1744230740a2596319.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。