Ad

Server Connection Lost After Successful Login With Spring Security

After successful login using Spring security I will loose connection and my client is trying to reconnect. This is my config file:

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    DataSource dataSource;

    @Autowired
    public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication().dataSource(dataSource)
                .usersByUsernameQuery(
                        "select nickname,password, true from client where nickname=?")
                .authoritiesByUsernameQuery(
                        "select username, role from user_roles where username=?");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/login")
                .permitAll()
                .antMatchers("/*")
                .access("hasRole('ROLE_USER')");
        http.formLogin()
                .defaultSuccessUrl("/", true);
    }

    @Bean
    public static NoOpPasswordEncoder passwordEncoder() {
        return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
    }
}

I am using vaadin flow. After successful login my base page will show but right after that it will loose connection and it will start reconnecting in an endless loop.

This is the header of my root page.

@Route(value = "")
public class BasePageView extends VerticalLayout

Thank you for any help.

Ad

Answer

Add this http.csrf().disable() to your configure method in SecurityConfig.

I do not know exactly why it is not working without that. If it is Vaadin Flow specific or not. Maybe someone else will help us to understand.

Ad
source: stackoverflow.com
Ad