Anonymous
How to resolve a CSRF token error. I tried disabling it for the particular API and also used @CrossOrigin at the cont
Using Spring Security 6.3.3.
Code:
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .requestMatchers("").authenticated()
            .anyRequest().permitAll()
            .and()
            .httpBasic(Customizer.withDefaults())
            .csrf(csrf -> csrf.disable());
        return http.build();
    }
Code:
2024-09-17T11:38:49.182-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] o.s.security.web.FilterChainProxy : Securing POST /api/drivers/register
2024-09-17T11:38:49.183-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] o.s.security.web.csrf.CsrfFilter : Invalid CSRF token found for http://localhost:8080/api/drivers/register
2024-09-17T11:38:49.183-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] o.s.s.w.access.AccessDeniedHandlerImpl : Responding with 403 status code
2024-09-17T11:38:49.184-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] o.s.security.web.FilterChainProxy : Securing POST /error
2024-09-17T11:38:49.184-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] o.s.s.w.a.AnonymousAuthenticationFilter : Set SecurityContextHolder to anonymous SecurityContext
2024-09-17T11:38:49.190-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] s.w.a.DelegatingAuthenticationEntryPoint : Trying to match using And [Not [RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@75579691, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]]
2024-09-17T11:38:49.190-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] s.w.a.DelegatingAuthenticationEntryPoint : Trying to match using Or [RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest], And [Not [MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@75579691, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@75579691, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@75579691, matchingMediaTypes=[*/*], useEquals=true, ignoredMediaTypes=[]]]
2024-09-17T11:38:49.190-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] s.w.a.DelegatingAuthenticationEntryPoint : Match found! Executing org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint@f04b3b6
2024-09-17T11:38:49.190-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] s.w.a.DelegatingAuthenticationEntryPoint : Trying to match using RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]
2024-09-17T11:38:49.190-04:00 DEBUG 17147 --- [orderhub] [nio-8080-exec-7] s.w.a.DelegatingAuthenticationEntryPoint : No match found. Using default entry point org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint@33c99aca
I tried the @CrossOrigin annotation at the controller level, and I also tried matching the specific API pattern.
More details here:
https://stackoverflow.com/questions/78994955/how-to-resolve-csrf-token-error-i-have-tried-disabling-for-the-particular-api-a
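An added example, not part of the original post and not the asker's code: a Spring Security 6 lambda-DSL filter chain that exempts only the endpoint seen in the log from CSRF checks instead of disabling CSRF for the whole application. The class name, the authorization rules, and the premise that this class is registered as a configuration class are assumptions; note that @CrossOrigin configures CORS and has no effect on CsrfFilter.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

// Hypothetical class name. The bean is only applied if this class is
// actually loaded as configuration; otherwise the framework's default
// chain (CSRF enabled) keeps handling requests.
@Configuration
@EnableWebSecurity
public class ApiSecurityConfig {

    // Path taken from the "Securing POST ..." line in the posted log.
    private static final String REGISTER_PATH = "/api/drivers/register";

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            // Assumed rules: registration is open, everything else needs a login.
            .authorizeHttpRequests(auth -> auth
                .requestMatchers(REGISTER_PATH).permitAll()
                .anyRequest().authenticated())
            .httpBasic(Customizer.withDefaults())
            // CsrfFilter stays in the chain for every other state-changing
            // request; only the registration endpoint skips the token check.
            .csrf(csrf -> csrf.ignoringRequestMatchers(REGISTER_PATH));
        return http.build();
    }
}
```

With DEBUG logging for org.springframework.security enabled, a request to the exempted path should no longer produce the "Invalid CSRF token found" line from CsrfFilter, while other POST requests without a token still do.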