Results 1 to 4 of 4
  1. #1
    ark
    ark is offline Senior Member
    Join Date
    Apr 2015
    Posts
    288
    Rep Power
    4

    Default How write the request to spring rest service with spring security authentification?

    I have worked on java-fx client that connects with spring rest-server. Indeed I cannot connect for now.
    The server use Spring Security with Daoauthentification provider, Password Encoder. I tried to send the request from postman-like prugin indeed I get the 403 errors. Whether the spring boot server was not fully launched on localhost:8080 or where it needs some additional attributes in request. Could the issue to be in bad connection with mysql, as the rest service works directly with mysql db. How to check whether the issue is in not fully completed server launch (indeed Eclipse shows that sever launched), in bad connection with mysql db server (what kind of error it could provide), whether the reason is not in correct request. What except URL, POST-method, and Request parameters I should define when try to login to spring boot server? I was unable to create login by register (or maybe plain spring security request) but I created two login accounts with mysql workbench, so I should try to login with it. After registering directly or indirectly the account the server should not send any tolen or cookes to client except encoded data to db. So maybe I need to define any token or cookies to make first login for my account? What Daoauthentification provider suppose? Anyway it closely cooperate with db for accounts settings with UserDetails interface.
    For example Spring Security presuppose the automatic creation of LOGIN and LOGOUT forms- but it is helpful for webpages but what is happened for desktop app? For example when I send request for some rest-URL where I was not authorized I got in postman-like app the html-code with form for username and password details. So the request works in some way but not in any kind useful for me?
    Any suggestion?

  2. #2
    benji2505 is offline Senior Member
    Join Date
    Sep 2014
    Location
    MA, USA
    Posts
    388
    Rep Power
    4

    Default Re: How write the request to spring rest service with spring security authentificatio

    Admin should move this to the Spring section. This has nothing to do with JavaFX.

  3. #3
    ark
    ark is offline Senior Member
    Join Date
    Apr 2015
    Posts
    288
    Rep Power
    4

    Default Re: How write the request to spring rest service with spring security authentificatio

    I have created java-fx client and it should send the request. Indeed I had issue in last time even from browser plugin request.
    To be more clear -- the request should be Apache Httpclient requests with cookiestore. Indeed if it got cookie from server, then use cookie store, how do server "read" the cookie back -if it is correct or if its not correct or absent? This issue is not highlighted by nothing in the internet. And again when I require the URL, when not authorized I got html form for username and email - how java-fx could handle it. Should it just extract or send username and pasword pairs or should insert that one in that virtual html-form back to server?
    Could the reason to be in simple CFRS enabled by default in Spring security - then I could add http.cfrs.disable() and problem with 403 forbidden status code for URL could be surpassed -now I cannot check - as another bean related exception appeared during spring boot start - that was not present earlier.
    Last edited by ark; 12-22-2017 at 02:03 AM.

  4. #4
    ark
    ark is offline Senior Member
    Join Date
    Apr 2015
    Posts
    288
    Rep Power
    4

    Default Re: How write the request to spring rest service with spring security authentificatio

    Really, when I added cfrs().disable() to configure(Httpsecurity http) method the 403 error disappeared.
    Indeed when i tried to create new user account with localhost:8080/register post with 4 reqparameters i got the 404 not found error? Then I tried to login to localhost:8080/login URI with post-request with 2 parameters email and password
    and got such html forms as res:
    Java Code:
    <html><head><title>Login Page</title></head><body onload='document.f.email.focus();'>
    <p style='color:red;'[B]>Your login attempt was not successful, try again.<br/><br/>Reason: User is disabled[/B]</p><h3>Login with Username and Password</h  3><form name='f' action='/login/login' method='POST'>
    <table>
    	<tr><td>User:</td><td><input type='text' name='email' value=''></td></tr>
    	<tr><td>Password:</td><td><input type='password' name='password'/></td></tr>
    	<tr><td colspan='2'><input name="submit" type="submit" value="Login"/></td></tr>
    </table>
    </form></body></html>
    It doesnot matter what password is - correct, incorrect or absent if the email is correct.
    When I put incorrect email - I got the same form except that instead of Reason: User is disabled i got Reason:Bad Credentials. What could be the reason of User disabled?
    I have seen that UserService interface has isEnabled() method - but how to set User to enabled by default, if it is currently false by default. I did not created server but has code for it now.

    -- I tested my requests to spring boot server - with Mozilla plugin - Httprequester (Postman-like)
    Last edited by ark; 12-26-2017 at 01:45 AM.

Similar Threads

  1. Replies: 0
    Last Post: 03-02-2017, 11:13 PM
  2. Spring Security
    By Nirmitha in forum Spring
    Replies: 1
    Last Post: 11-07-2013, 10:04 AM
  3. Replies: 1
    Last Post: 12-27-2010, 05:21 PM
  4. GAE + Spring Security
    By kievari in forum Advanced Java
    Replies: 0
    Last Post: 12-12-2010, 09:19 PM
  5. Spring Security + Crowd
    By Cbani in forum Advanced Java
    Replies: 4
    Last Post: 09-14-2010, 02:01 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •