When i post a request with the accurate body type, it was showing 403 forbidden error.
package com.WebAuthentication.DemoProject.security.config;
import com.WebAuthentication.DemoProject.appuser.AppUserService;
import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
@AllArgsConstructor
@EnableWebSecurity
public class WebSecurityConfig {
private final AppUserService appUserService;
private final BCryptPasswordEncoder bCryptPasswordEncoder;
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests((auth) -> auth
.requestMatchers("/api/v*/**").permitAll()
);
return http.build();
}
@Bean
public DaoAuthenticationProvider daoAuthenticationProvider(){
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider.setPasswordEncoder(bCryptPasswordEncoder);
provider.setUserDetailsService(appUserService);
return provider;
}
}
###RegistrationController
package com.WebAuthentication.DemoProject.registration;
import lombok.AllArgsConstructor;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping(path = "api/v1/registration")
@AllArgsConstructor
public class RegistrationController {
private final RegistrationService registrationService;
@PostMapping
public String register(@RequestBody RegistrationRequest request){
return "It works";
}
}
The build was successfull and the console shows no error. The Response must be It works.
package com.WebAuthentication.DemoProject.appuser;
import lombok.AllArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service
@AllArgsConstructor
public class AppUserService implements UserDetailsService {
private final static String USER_NOT_FOUND_MESSAGE = "User with email %s not found";
private final AppUserRepository appUserRepository;
@Override
public UserDetails loadUserByUsername(String email)
throws UsernameNotFoundException {
return appUserRepository.findByEmail(email)
.orElseThrow(()->
new UsernameNotFoundException(String.format(USER_NOT_FOUND_MESSAGE,email)));
}
}
The build was successfull and the console shows no error. The Response must be It works. Help me out.
I tried this but not worked
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeRequests((auth) -> auth
.antMatchers("/api/v*/registration/**").permitAll() // Allow unrestricted access to these endpoints
.anyRequest().authenticated() // Require authentication for any other request
);
return http.build();
}