SpringBoot+Swagger Error: 403 Forbidden [How to Solve]

Springboot + swagger2 reports error 403 Forbidden

Error reporting reason

When creating a springboot project, if spring security dependencies are introduced into the POM file, after spring boot starter security, springboot will enable authentication by default, and also enable CSRF (Cross Site Request Forgery Prevention) verification by default. Therefore, the post request will be intercepted, that is, an error 403 Forbidden will be reported, and the get request will not be intercepted

Solution

Use ignore to ignore interception and manually turn off CSRF protection. Remember to turn on annotation @ enablewebsecurity manually

@EnableWebSecurity
public class WebSecurityCongfig extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/**");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and().csrf().disable();
    }
}

ProgrammerAH

Programmer Guide, Tips and Tutorial

SpringBoot+Swagger Error: 403 Forbidden [How to Solve]