POSTing from jQuery to MVC Spring Server responses HTTP 403 Forbidden

Question

I am trying to make a POST updating an String Array, using jQuery. The server is a boot Spring MVC Server. When I do the POST, the response from the server is HTTP 403 Forbidden.

Spring Controller

  @RequestMapping(value="getlistmap", method = RequestMethod.POST)
    public @ResponseBody String getListMapfromOneProject(HttpServletResponse response, Principal p,@RequestBody String respostas) throws IOException {
    System.out.println("A AJAX call has been detected!");
    return "ok!";
}

POST code:

var respostas=["hello","hi","bye"];
  var urlprova = 'getlistmap';
  $.ajax({
    type: 'POST',
    url: urlprova,
    dataType: 'json',
    data: JSON.stringify(respostas),
    success: function (data) {
        alert("updated successfully");
      },
    error: function (xhr, ajaxOptions, error) {
        alert(err.status);
        alert('Cannot update, ' + err.responseText);
    }

});

Console from Server (the URL and method Controller seems to be mapped correctly):

2014-11-20 18:44:53.427 INFO 6724 --- [ main] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/] onto handler of type [class org.springframework.web.servlet.resource.DefaultServletHttpRequestHandler] 2014-11-20 18:44:53.466 INFO 6724 --- [ main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/login],methods=[GET],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView palmaslab.mapas.controller.myController.login() 2014-11-20 18:44:53.466 INFO 6724 --- [ main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/getlistmap],methods=[POST],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public java.lang.String palmaslab.mapas.controller.myController.getListMapfromOneProject(javax.servlet.http.HttpServletResponse,java.security.Principal,java.lang.String) throws java.io.IOException 2014-11-20 18:44:53.467 INFO 6724 --- [ main] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/addProjectPostoSaude],methods=[GET],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto public org.springframework.web.servlet.ModelAndView palmaslab.mapas.controller.myController.addProject()

Are you using Spring Security? If so, refer my [answer](http://stackoverflow.com/a/34319194/583237). — Pradip Kharbuja, Dec 16 '15 at 18:15

score 0 · Answer 1 · answered Nov 21 '14 at 13:15

0

Looks like your ajax post does contain the sessionId or user credentials. - When you use Spring Security, then you need to send them with every request.

answered Nov 21 '14 at 13:15

Ralph

118,862
56
287
383

Sorry I am learning jquery right now, please could you explain me how i have to send the user credentials? Thank you – Alberto Crespo Nov 21 '14 at 13:29
http://stackoverflow.com/questions/5433351/jsessionid-httponly-cookie-not-sent-to-web-service-from-javascript – Ralph Nov 21 '14 at 14:50
How could I catch the Cookie from a previous getJSON i did before? – Alberto Crespo Nov 21 '14 at 15:16
1

First check your none JSON Requests that they have have that cookie. - And I have not enought Jquery knowlege to answer this - I posted this answer, because I know how spring security works, and I have noticed that your request does not contain any jsession id – Ralph Nov 21 '14 at 18:12

score 0 · Answer 2 · answered Nov 21 '14 at 13:16

Looks legit in general, try following, one of them might solve your problem :

Adding a slash to your request mapping value : @RequestMapping(value="/getlistmap"...
Adding : contentType: 'application/json', to your ajax call
Describing headers in your request mapping as : headers = {"Content-type=application/json"}

POSTing from jQuery to MVC Spring Server responses HTTP 403 Forbidden

2 Answers2