Reputation: 33
"Unauthorized: Full authentication is required to access this resource" when booting up the app
This is a bit annoying since I've solved the original problem (which was this) but now this is another thing that I can't quite debug myself.
I am using JHispter 6.10 (Spring Boot 2.2.7.RELEASE) + React for my project. I've recently come to the need of using entities as catalogues (so they can be managed easily by an admin) and they need to be used on the register page. My first problem was that they wouldn't the dropdown in the register page, but that problem had to do with SecurityConfiguration.java, so I added the entities to be permitted to All:
.antMatchers("/api/comunidad-famdals").permitAll()
.antMatchers("/api/ciudads").permitAll()
.antMatchers("/api/estados").permitAll()
.antMatchers("/api/ladrillo-famdals").permitAll()
.antMatchers("/api/pais").permitAll()
.antMatchers("/api/**").authenticated()
And that seems to work just fine, but the first time I load the app (in dev mode), it throws the next error:
2020-10-09 02:03:33.337 DEBUG 63312 --- [ XNIO-1 task-9] c.f.m.r.CustomAuditEventRepository : Enter: add() with argument[s] = [AuditEvent [timestamp=2020-10-09T07:03:33.302498Z, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null, type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]]
2020-10-09 02:03:33.342 DEBUG 63312 --- [ XNIO-1 task-9] c.f.m.r.CustomAuditEventRepository : Exit: add() with result = null
2020-10-09 02:03:33.473 WARN 63312 --- [ XNIO-1 task-9] o.z.problem.spring.common.AdviceTraits : Unauthorized: Full authentication is required to access this resource
2020-10-09 02:03:33.564 WARN 63312 --- [ XNIO-1 task-9] .m.m.a.ExceptionHandlerExceptionResolver : Resolved [org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource]
And when trying to register, the dropdown still doesn't show anything:
But if I go home once again, the terminal shows that all the queries have been done correctly, and sure enough, if I go back to the register page:
I would like to know if I am missing something on my SecurityConfiguration.java or if the order of the configuration needs to be different for it to work properly.
Upvotes: 2
Views: 10300
Answers (1)
Reputation: 11
you have to give permissions to your endpoint in the Spring Boot Configuration (SecurityConfiguration.java)
add a new antMatchers parameter to the HttpSecurity.authorizeRequests() it should look like this:
http
.authorizeRequests()
.antMatchers("/api/yourEndpoint").permitAll()
of course you have to select who has authority to call this endpoint
Hope it works for you :)
Upvotes: 1
Related Questions
- Java Spring-Boot Access-Control-Allow-Origin Error
- Unable to access API due to authorisation
- React axios request to Spring Boot REST server authentication problem
- Spring Security httpBasic 404 for correct credentials
- Remove authorization from JHipster-generated application
- Jhipster new Roles - Full authentication is required
- jhipster/spring boot - Error occurred while trying to proxy request
- Reactjs Spring-boot security
- Access Denied with using JHipster Spring Config Server
- Unauthorized Error when using jHipster oAuth despite CORS