How To Fix Error 405 (Request method ‘POST’ not supported) On SpringMVC + SpringSecurity

I am new with springMVC technology. When I create my first form with post method, I got Error 405 (Request method ‘POST’ not supported).

error post method

After some googling, I found that the error was because I use csrf on my web application. I should add some code for token on my action form like “${_csrf.parameterName}=${_csrf.token}”. So, here are my code became:

SpringSecurity.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
	http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
	http://www.springframework.org/schema/security
	http://www.springframework.org/schema/security/spring-security-3.2.xsd">

	<!-- enable use-expressions -->
    <http auto-config="true" use-expressions="true">
            <intercept-url pattern="/" access="isAuthenticated()" />
            <intercept-url pattern="/images/**" access="permitAll"/>
            <intercept-url pattern="/home" access="isAuthenticated()" />
            <!-- access denied page -->
            <access-denied-handler error-page="/403" />
            <form-login 
                login-page="/login" 
                default-target-url="/home"
                authentication-failure-url="/login?error" 
                username-parameter="username"
                password-parameter="password" />
            <logout logout-success-url="/login?logout" />
            <!-- enable csrf protection -->
            <csrf />
    </http>

	<authentication-manager>
		<authentication-provider user-service-ref="MyUserDetailsService" >
			<password-encoder hash="bcrypt" />    
		</authentication-provider>
	</authentication-manager>

</beans:beans>

My controller

@RequestMapping(value="admin/save", method = RequestMethod.POST)
    public String save(ModelMap model,
            @RequestParam String name,
            @RequestParam String username,
            @RequestParam String password,
            @RequestParam String[] userRoles){
        
        Users user = new Users();
        user.setName(name);
        user.setUsername(username);
        user.setEnable(new BigDecimal(1));
        BCryptPasswordEncoder pwdEncoder = new BCryptPasswordEncoder();        
        user.setPassword(pwdEncoder.encode(password));
        
        try {
            userService.saveOrUpdate(user);
            saveAction(BaseController.SAVE_OR_UPDATE_USER + " " + user.getUsername());
        } catch (Exception e) {
            System.out.println("failed to save user caused " + e.getMessage());
        }
        
        //some code to process another things
        
        model.put(PARAM_USERNAME, BaseController.getNameUser());
        return "redirect:/admin";
        
    }

My JSP


                <form role="form" action="${baseURL}/admin/save?${_csrf.parameterName}=${_csrf.token}" method="POST" id="edituser">
                    <div class="form-group">
                        <label>Name</label>
                        <input class="form-control" name="name" id="name" placeholder="input name here" type="text" required="true" value="${usernm.name}"/>
                    </div>
                    <div class="form-group">
                        <label>Username</label>
                        <input class="form-control" name="username" id="username" placeholder="input username here" type="text"  required="true" value="${usernm.username}"/>
                    </div>
                    <div class="form-group">
                        <label>Password</label>
                        <input class="form-control" name="password" id="password" placeholder="input password here" type="password" value="${usernm.password}" required="true"/>
                    </div>
                    <div class="form-group">
                        <label>Role</label>
                        <span id="errorMsg" class="msg"></span>
                        <div class="checkbox" style="width: 200px; height: 20px;">
                            <label>
                                <input name="userRoles" type="checkbox" value="ROLE_ADMIN" <c:if test="${hasAdmin != null && hasAdmin}">checked="true"</c:if> >Admin
                                </label>
                            </div>
                            <!-- some roles option -->
                        </div>
                        <button type="submit" class="btn btn-default" id="btnSubmit">Submit</button>&nbsp;&nbsp;&nbsp;<input type="button" onclick="location.href = '${baseURL}/admin'" class="btn btn-primary" value="Cancel"/>
                </form>
           

Hope this simple article can help some of you 🙂

Advertisements

One thought on “How To Fix Error 405 (Request method ‘POST’ not supported) On SpringMVC + SpringSecurity

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s