Monday, June 26, 2023

Spring Security - Step2 - Sample Spring Security application with In InMemoryUserDetailsManager - getting HTTP ERROR 403

 I got below error when tried to access http://localhost:8500/products/all?continue


Access to localhost was denied

You don't have authorization to view this page.

HTTP ERROR 403

 Reason
I have missed "backslash" before "product"


@Bean

    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {

        return httpSecurity.csrf().disable()

                .authorizeHttpRequests()

                .requestMatchers("/products/welcome").permitAll()//just let any one access

                .and()

                .authorizeHttpRequests().requestMatchers("products/**")

                .authenticated().and().formLogin().and().build();


    }


Solution

add a backslash

.authorizeHttpRequests().requestMatchers("/products/**")


No comments:

Post a Comment