I am trying to post data using postman to spring-boot server , but spring security is not allowing the permited path apiregister . I am beginner , so pls correct me. I have tried other stackoverflow but they are outdated.

My original requirement is that I want to use @EnableMethodSecurity, but when I call @RestController method with invalid payload and user missing required role, the validation takes precedence. So instead of getting 403/401 I’m getting 400 revealing something about unauthorized endpoint. That’s incorrect.

I am trying to setup Spring security in my learning project and I am unable to access to any of the end points. I am getting 403 for all end points. I looked at some of the existing SO questions and here’s what I have tried so far.

I am using the latest spring security, I want to access an admin endpoint however everytime i request I got forbidden here’s my code:

I am writing a Spring Boot web application and I would like to make the security aspect configurable using an external file, rather than using Java code.

My configuration was working fine until one week ago I formatted my C Drive because I bought a new SSD. This resulted in my web application throwing “Forbidden 403 Error” from the login page itself.

Ok so I am working on a spring boot application which uses java, JSP and MySQL database. Originally the Spring Starter Security posed issues such as not showing my own login/signup pages, authentication errors etc. Because of this, I removed the Security Config file, and my project was working fine.
Then I made changes to the project so that the Security Config file will work fine since authentication and security is necessary for a web application. Everything was working fine, the whole project was running perfectly. A week ago, I formatted my C Drive because I bought a new SSD, but the original drive did not hold the IDE or the Project files. This resulted in my web application throwing “Forbidden 403 Error” from the login page itself.
After going mad for the better part of the day, I just commented out the Security Config File and the Starter Security dependency, and voila, the project is running smoothly again.
Can someone please tell me why Spring security is so cumbersome. I have read other threads, but could not find a good answer. Or if I am doing something wrong?

I have been trying to build a forum using Spring. Some components of the forum require authentication, for which I am using Spring Security. I put these URLs in the requestMatchers().permitAll(). However, when I tried to enter an URL (localhost:8080/post/new/1234) that matches with the pattern, my access is still allowed. The followings are my securityconfiguration:

I am working on a Spring Boot 3.3 application and using Spring Security 6 to secure my endpoints. I have configured the security as follows:

I’m using two configuration classes with different goals.