Spring Security - 405 Request Method 'POST' Not Supported
You can set two endpoints for one url. But you cannot set any request parameter as required. As I saw your request map for login, you can set your request method like this:
@RequestMapping(value = "/login", method = { RequestMethod.GET, RequestMethod.POST })
public ModelAndView loginPage() {
return new ModelAndView("login");
}
Error 405 Request method 'POST' not supported Spring Security
So, I have figured it out. I did the following changes to the code in my question:
In web.xml
I had to add:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
login.jsp:
<form name='loginForm' action="/login" method='POST'>
<div>
<label for="username">Username</label> <br>
<input type="text" class="form-control" id="username" name="username" required />
</div>
<div>
<label for="password">Password</label> <br>
<input type="password" class="form-control" id="password" name="password" required />
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
<div class="form-actions">
<input type="submit" value="Log in" />
</div>
SecurityConfig.java:
@Override
protected void configure(HttpSecurity http) throws Exception
{
http.authorizeRequests()
.antMatchers("/", "/login").permitAll()
.antMatchers("/admin/**").hasRole("ADMIN")
.and()
.formLogin().loginPage("/login")
.defaultSuccessUrl("/admin").failureUrl("/login")
.and()
.csrf();
}
Hope it helps someone in a similar need.
Spring: Status 405. Request method 'POST' not supported
In Spring-security.xml <csrf />
: Spring Security Cross Site Request Forgery (CSRF) protection blocks it.
Token required along with form via POST request.
In form add the following:
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
405 Request method 'POST' not supported when testing spring application
I'm not very familiar with setting up Spring with Cucumber, and I'm not sure about mixing both SpringRunner
and Cucumber
runners in the same setup.
I've updated your test setup like this:
@RunWith(SpringRunner.class)
@WebMvcTest
@ContextConfiguration
@Import(SecurityConfig.class)
public class LoginFeatureStepDefinition {
private String username;
private String password;
private HtmlPage page;
@Autowired
private WebClient webDriver;
- I've replaced
@SpringBootTest
with@WebMvcTest
, as the mockmvc auto-configuration will take care of the webclient setup for you. If you wanted to start an actual server with the whole application and test it with an HTTP client, you need to setup@SpringBootTest
in a different way. - In a MockMvc setup, the security configuration is not imported by default, so you need to import it
spring-security:HTTP Status 405 - Request method 'POST' not supported
Form is POST-ed to /login
action="${contextPath}/login"
but login
is annotated to support only GET
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String loginPage(Model model ) {
return "loginPage";
}
maybe you should post to /signUp
I'm trying to authorize in PostMan, but it gives me "Request method 'GET' not supported"
As mentioned in answers, selecting the POST method from the dropdown in Postman will help with the following error:
"Request method 'GET' not supported."
Then you will face the error below:
{
"timestamp": "2020-03-28T16:54:55.288+0000",
"status": 400,
"error": "Bad Request",
"message": "Required request body is missing: public java.lang.String com.example.demo.controller.MainController.login(java.lang.String,java.lang.String)",
"path": "/login"
}
To solve this, you should slightly modify the endpoint:
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class MainController {
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(@RequestBody Credentials credentials) {
return "username: " + credentials.getUsername() + " password: " + credentials.getPassword();
}
}
public class Credentials {
private String username;
private String password;
private Credentials() {
}
// getters and setters omitted, make sure you have them.
}
@RequestBody
annotation expects a JSON object to deserialize. It is necessary to have an object available for mapping.- Because you are using
@RestController
annotation, there is no need for@ResponseBody
above the method. It is already included.
Related Topics
Tomcat Server Error - Port 8080 Already in Use
Java 8 Convert Utc Time to Edt/Est So That Date Remains the Same
Checking If a Document Exists in a Firestore Collection
Regex to Match a String Not Starting or Ending With a Pattern
How to Write a User Input Based Constructor
Use String.Split() With Multiple Delimiters
Checking If a String Contains Only Digits (Isdigitmethod Required)
How to Get Summation of Pair(Key) Values in a Map in Java
Serialize a Double to 2 Decimal Places Using Jackson
How to Print Even and Odd Position Characters of an Array of Strings in Java
How to Force a Method to Throw an Exception in Junit Testing
How to Change Read-Only Status of Files in Intellij
How to Get Values of All Elements from Xml String in Java
How to Make Program to Continue Running After Exception
How to Decrypt Whatsapp Database File
How to Print Out All the Elements of a List in Java
How to Make the Icon Background of an Android App Transparent