Open shilpi-incedo opened 2 years ago
any news?
I have the same problem, has any news to share?
After analysing further , we found its working fine on our local environments but giving issue on other server as they are hosted behind nginx proxy. Haven't got any good solution to allow this by changing proxy configurations.
I think it's late but comment this.
[ .anyRequest().authenticated() ] is error of Origin.
But that code is nessesary for security... this is hard..
I also had the same problem, then I changed API testing tool to Insomia, and I called PUT, POST, DELETE request successfully
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.requestMatchers(
"/v1/api/get-token",
"/swagger-ui.html",
"/swagger-ui/*",
"/v3/api-docs/**",
"/swagger-resources/**",
"/webjars/**").permitAll()
.anyRequest().authenticated()
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().addFilterBefore(jwtAuthorizationFilter, UsernamePasswordAuthenticationFilter.class);
return http.build();
}
This is my security config and it is working fine with dependency
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
<version>2.0.2</version>
</dependency>
Issue : Get request for swagger UI openAPI is working , whereas other method types giving 403 error.
Dependency :
Swagger Configuration :
Security Configuration :
We have also tried ignoring these paths :
/swagger-resources/** , /webjars/**
in WebSecurity, still its not working.