Giters

ali-bouali / spring-boot-3-jwt-security

Sample project on how to implement JWT security based using Spring boot 3 and Spring security 6

Home Page:https://aliboucoding.com/p/securing-your-spring-boot-3-0-applications-with-json-web-tokens-jwt

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Not able to call greetings service

waleed089 opened this issue · comments

commented

I followed your video and created same. But unable to call GET service, its giving 403. I debug token is verified and user also But still not working as expected

@RestController
@RequestMapping(path = "/api/v1/greetings")
public class Greetings {

@GetMapping
public ResponseEntity<String> sayHello(){
	return ResponseEntity.ok("Hello from our API");
}

@GetMapping(path = "/say-good-bye")
public ResponseEntity<String> sayGoodBye(){
	return ResponseEntity.ok("Good bye and see u later!!");
}

}

commented

I got it solved. below line was missing in SecurityConfig class
authorizeHttpRequests(authHttpReq -> authHttpReq.anyRequest().authenticated())

Complete method:
@bean
public SecurityFilterChain securityFilterChain(HttpSecurity http)throws Exception{
http
.csrf(csrf -> csrf.disable())
.authorizeHttpRequests(authHttpReq -> authHttpReq.requestMatchers("/api/v1/auth/**").permitAll())
.authorizeHttpRequests(authHttpReq -> authHttpReq.anyRequest().authenticated())
.sessionManagement(sess -> sess.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authenticationProvider(authenticationProvider)
.addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class)
;
return http.build();
}