Home > Back-end >  Newly generated Sprint Boot REST Application only returns 401
Newly generated Sprint Boot REST Application only returns 401

Time:10-19

I have a newly created Spring Boot 3.0 application using Kotlin, which returns 401 on all HTTP calls.

MyApiApplication.kt

package com.my.app.api

import org.springframework.boot.autoconfigure.SpringBootApplication
import org.springframework.boot.runApplication

@SpringBootApplication()
class MyApiApplication

fun main(args: Array<String>) {
    runApplication<MyApiApplication>(*args)
}

TestController.kt

package com.my.app.api

import org.springframework.web.bind.annotation.GetMapping
import org.springframework.web.bind.annotation.RequestMapping
import org.springframework.web.bind.annotation.RestController
import java.time.LocalDateTime

@RestController
@RequestMapping("/api/test")
class TestController {

    @GetMapping("/")
    fun test(): LocalDateTime {
        return LocalDateTime.now()
    }

}

application.properties

server.port=6020

spring.datasource.url=jdbc:postgresql://localhost:6010/mydb
spring.datasource.username=mydb
spring.datasource.password=mydbpass

pom.xml

4.0.0 org.springframework.boot spring-boot-starter-parent 3.0.0-SNAPSHOT

<groupId>com.datadriven.headless.api</groupId>
<artifactId>headless-api</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>headless-api</name>
<description>Demo project for Spring Boot</description>

<properties>
    <java.version>17</java.version>
    <kotlin.version>1.7.20</kotlin.version>
    <testcontainers.version>1.17.4</testcontainers.version>
</properties>

<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>com.fasterxml.jackson.module</groupId>
        <artifactId>jackson-module-kotlin</artifactId>
    </dependency>
    <dependency>
        <groupId>org.flywaydb</groupId>
        <artifactId>flyway-core</artifactId>
    </dependency>
    <dependency>
        <groupId>org.jetbrains.kotlin</groupId>
        <artifactId>kotlin-reflect</artifactId>
    </dependency>
    <dependency>
        <groupId>org.jetbrains.kotlin</groupId>
        <artifactId>kotlin-stdlib-jdk8</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.session</groupId>
        <artifactId>spring-session-core</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-devtools</artifactId>
        <scope>runtime</scope>
        <optional>true</optional>
    </dependency>
    <dependency>
        <groupId>org.postgresql</groupId>
        <artifactId>postgresql</artifactId>
        <scope>runtime</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.testcontainers</groupId>
        <artifactId>junit-jupiter</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.testcontainers</groupId>
        <artifactId>postgresql</artifactId>
        <scope>test</scope>
    </dependency>
</dependencies>
<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.testcontainers</groupId>
            <artifactId>testcontainers-bom</artifactId>
            <version>${testcontainers.version}</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

<build>
    <sourceDirectory>${project.basedir}/src/main/kotlin</sourceDirectory>
    <testSourceDirectory>${project.basedir}/src/test/kotlin</testSourceDirectory>
    <plugins>
        <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
        </plugin>
        <plugin>
            <groupId>org.jetbrains.kotlin</groupId>
            <artifactId>kotlin-maven-plugin</artifactId>
            <configuration>
                <args>
                    <arg>-Xjsr305=strict</arg>
                </args>
                <compilerPlugins>
                    <plugin>spring</plugin>
                    <plugin>jpa</plugin>
                </compilerPlugins>
            </configuration>
            <dependencies>
                <dependency>
                    <groupId>org.jetbrains.kotlin</groupId>
                    <artifactId>kotlin-maven-allopen</artifactId>
                    <version>${kotlin.version}</version>
                </dependency>
                <dependency>
                    <groupId>org.jetbrains.kotlin</groupId>
                    <artifactId>kotlin-maven-noarg</artifactId>
                    <version>${kotlin.version}</version>
                </dependency>
            </dependencies>
        </plugin>
    </plugins>
</build>
<repositories>
    ...
</repositories>
<pluginRepositories>
    ...
</pluginRepositories>

"curl -v localhost:6020/api/test" returns always returns 401. What am I doing wrong?

CodePudding user response:

You might be affected by this issue.

Take a look here and try to see if your logs match the logs of the ticket. I think the issue is that spring boot when it does not understand the request it sends back the error page but the error page is also behind security by default and can't be disclosed, so then spring boot gives a 401 response instead of the error page.

Also this ticket is the current open ticket from spring-boot team to handle the above issue

CodePudding user response:

You have an additional slash in your get path. So the request you are sending is not correct. Try: curl -v localhost:6020/api/test/

CodePudding user response:

Adding the following class solved my problem:

MyAppApiConfig.kt

package com.my.app.api

import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.config.annotation.web.builders.WebSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer


@Configuration
@EnableWebSecurity
class MyAppApiConfig {
    @Bean
    fun webSecurityCustomizer(): WebSecurityCustomizer? {
        return WebSecurityCustomizer { web: WebSecurity ->
            web.ignoring() // Spring Security should completely ignore URLs starting with /resources/
                .antMatchers("/api/**")
        }
    }
}
  • Related