Request method ‘POST’ not supported Spring Security

Hello everyone i found a problem that i can’t solve i will explain the situation and if you have any idea can help me to solve it and thanks in advance.

I have project spring boot with restController contains this method :

@CrossOrigin("*")
@PostMapping(path = "/payerTickets")
@ResponseBody
@Transactional
public List<Ticket> payerTickets(@RequestBody TicketForm ticketForm) {
    List<Ticket> listTickets = new ArrayList<>();
    ticketForm.getTickets().forEach(idTicket -> {
        Ticket ticket = ticketRepository.findById(idTicket).get();
        ticket.setNomClient(ticketForm.getNomClient());
        ticket.setReserve(true);
        ticket.setCodePayement(ticketForm.getCodePayement());
        ticketRepository.save(ticket);
        listTickets.add(ticket);
    });
    return listTickets;
}


@Data
class TicketForm {
    private String nomClient;
    private int codePayement;
    private List<Long> tickets = new ArrayList<>();
}

When i call this methode in the FrontEnd side with angular here is the code TypeScript :

onPayTickets(dataForm) {
let  tickets=[];
this.selectedTickets.forEach(t=>{
  tickets.push(t.id)
});
dataForm.tickets=tickets;
this.cinemaService.payerTickets(dataForm).subscribe(data=>{ alert("Tickets réservés avec success"); 
this.onGetTicketsPlaces(this.currentProjection) },error => { console.log(error); })

}

I get the error :

error: “Method Not Allowed”, message: “Request method ‘POST’ not supported”, trace: “org.springframework.web.HttpRequestMethodNotSuppor…a:61) ↵ at java.lang.Thread.run(Unknown Source) ↵”,

Note : The method was working fine before adding spring security and this is my securityConfig :

@Override
protected void configure(HttpSecurity http) throws Exception {
    //http.formLogin().loginPage("/login");
    http.formLogin();
    http.authorizeRequests().antMatchers("/save**/**","/delete**/**","/form**/**","/add**/**").hasRole("ADMIN");
    http.exceptionHandling().accessDeniedPage("/notAuthorized");
}

I hope you understande the situation and if you need any more information add a comment, Thanks in advance again.

Answer

Take a look at this link you should probably need to disable CSRF by adding

.csrf().disable()

to configure method

Leave a Reply

Your email address will not be published. Required fields are marked *