-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security - Implementation #22
Comments
Please give some more information. Which request returns the 403? Take a look at your WebSecurityConfig. There are some things missing that I have in my WebSecurityConfigurerAdapter. Perhaps you get a better understanding of how this demo works if you take a look at the video I linked in the Readme. |
Sure, I will look at it. http://localhost:8080/auth method post Content-Type appliction/json body:{"username":"user","password":"sample"} Response should be a jwt token Try the autheticated url: http://localhost:8080/order |
Shouldn't the header be set to:
I'm not sure if this detail is important or not, but from my understanding of the specification, JWTs should be declared as Bearer tokens in the Authorization header. |
I didn't find the need of the bearer scheme in any specification but it seems to me that it is the typical way to mark a bearer token. I will adapt it to the project with another ticket. |
The current version did not work for me when trying to access it from another domain. It produced the following error:
I spent quite some time figuring out what to do here. I found a solution and have added this to WebSecurityConfig.java: This then fixed it for me:
Thought I'd share as CORS issues seem to be pretty common all around. |
@tandrew Thanks for sharing your solution! Here's another possibility from a Spring guide: https://spring.io/guides/gs/rest-service-cors/ |
Thanks for putting this online, I did try to implement this in my project, Sending JWT tokens as my Header.
for some reason, I am getting 403 forbidden error. I am not sure, what I am doing wrong or if I am missing any configuration. I have put the project on git hub, If someone can point me what the issue is.
https://github.com/vivdso/SpringAuthentication
Please assist.
The text was updated successfully, but these errors were encountered: