java - Spring security basic auth gives 403 with correct password also -
hi using spring security java based config basic auth , right password , username gives me 403 error .the config code below.also same getting when seek access endpoint enabled method level security @secured('user')
@configuration @enableglobalmethodsecurity(securedenabled = true, prepostenabled = true) @enablewebmvcsecurity public class securityconfig extends websecurityconfigureradapter { /* * (non-javadoc) * * @see org.springframework.security.config.annotation.web.configuration. * websecurityconfigureradapter * #configure(org.springframework.security.config * .annotation.authentication.builders.authenticationmanagerbuilder) */ @override protected void configure(authenticationmanagerbuilder auth) throws exception { auth.inmemoryauthentication().withuser("root").password("hacked").roles("user"); } /* * (non-javadoc) * * @see org.springframework.security.config.annotation.web.configuration. * websecurityconfigureradapter * #configure(org.springframework.security.config * .annotation.web.builders.httpsecurity) */ @override protected void configure(httpsecurity http) throws exception { http.exceptionhandling().authenticationentrypoint(digestendpoint()). // #session creation policy and().sessionmanagement().sessioncreationpolicy(sessioncreationpolicy.stateless). // #http basic and().httpbasic().realmname("hf integration"). // #add filter and().addfilterafter(digestauthenticationfilter(), basicauthenticationfilter.class); } /* * (non-javadoc) * * @see org.springframework.security.config.annotation.web.configuration. * websecurityconfigureradapter#authenticationmanagerbean() */ @bean @override public authenticationmanager authenticationmanagerbean() throws exception { homecoming super.authenticationmanagerbean(); } /* * (non-javadoc) * * @see org.springframework.security.config.annotation.web.configuration. * websecurityconfigureradapter#userdetailsservicebean() */ @override @bean public userdetailsservice userdetailsservicebean() throws exception { homecoming super.userdetailsservicebean(); } /** * digest authentication filter. * * @return digest authentication filter * @throws exception * exception */ public digestauthenticationfilter digestauthenticationfilter() throws exception { digestauthenticationfilter filter = new digestauthenticationfilter(); filter.setuserdetailsservice(userdetailsservicebean()); filter.setauthenticationentrypoint(digestendpoint()); homecoming filter; } /** * digest end point. * * @return digest authentication entry point */ public digestauthenticationentrypoint digestendpoint() { digestauthenticationentrypoint digestauthenticationentrypoint = new digestauthenticationentrypoint(); digestauthenticationentrypoint.setrealmname("hf integration"); digestauthenticationentrypoint.setkey("acegi"); homecoming digestauthenticationentrypoint; } }
please help guys !!
java spring spring-mvc spring-security
No comments:
Post a Comment