-4

I am working on a RestAPI endpoint for generating random values with Spring Boot and Bouncy Castle. I also have basic Spring Security activated.

When i make a GET request with the right credentials, everything works fine and the random value gets returned, but if i change it to PostMapping with the exact same underlying code and make a POST request - i get an unauthorized response, even tho the credentials are right.

I am using Insomnia for making HTTP requests.

Has anyone experienced something similar and knows how to fix it?

Sinnedkid
  • 29
  • 6
  • 1
    You should create [minimal, reproducible example](https://stackoverflow.com/help/minimal-reproducible-example) and edit question to add it. At the very least add your spring security configuration. Currently there is not enough information to diagnose issue. Sounds like you don't send valid csrf token, but this is only a guess. – Chaosfire Nov 23 '22 at 15:43
  • Sounds like a csrf-configuration issue, but that would result in a 403 and not in a 401. But as @Chaosfire mentioned, it is impossible to answer without a reproducible example. – g00glen00b Nov 24 '22 at 10:07
  • Thanks for your comments, i've been able to fix it. I didn't set up the program itself, so it didn't know how the Spring Security looked. Setting .csrf().disable() fixed it! :) – Sinnedkid Nov 24 '22 at 13:24

1 Answers1

0

Creating a Configuration Class for Spring Security solved the problem.

The following code worked:

@Configuration
@EnableWebSecurity
public class SecurityConfiguration {

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception{
    http
            .csrf().disable();
    return http.build();
}

}

Sinnedkid
  • 29
  • 6