java - Spring MVC PUT Request returns 405 Method Not Allowed

Question

I am using spring mvc to set up a rest api and most of the configurations are set up automatically through the spring boot project. On the front end I am using angularjs and their $http module to make ajax requests to the server for resources. Resource urls are defined in my controller class but only the GET urls are being matched. I've tried PUT and POST but these return 405 method not allowed and 403 forbidden respectively.

My controller looks like this

@Controller
@RequestMapping("/api/users")
public class UserController {

    @Inject
    UserService svc;

    @RequestMapping(method = RequestMethod.GET)
    @ResponseBody
    public List<User> home() {
        return svc.findAll();
    }

    @RequestMapping(method = RequestMethod.GET, value = "/{id}")
    @ResponseBody
    public User findById(@PathVariable long id){
        return svc.findById(id);
    }

    @RequestMapping(method = RequestMethod.PUT, value="/{id}")
    @ResponseBody
    public User updateUser(@PathVariable long id, @RequestBody User user){
        Assert.isTrue(user.getId().equals(id), "User Id must match Url Id");
        return svc.updateUser(id, user);
    }

}

and the request to the server that is not matching the url looks like this

$http({
            url: BASE_API + 'users/' + user.id,
            method: 'PUT',
            data:user
        })

this produces a PUT request to localhost:8080/api/users/1 and the server responds with a 405 Method Not Allowed response code.

The same request mapping but with a RequestMethod.GET is correctly handled when the server receives an HTTP GET request to localhost:8080/api/users/1

Any insight would really help.

PS in case this is needed the included spring boot dependencies are

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-thymeleaf</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-jpa</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-tomcat</artifactId>
        <scope>provided</scope>
    </dependency>

Thanks

Answer 1

I had same error because of csrf protection. If csrf protection is enabled you need to send csrf parameters in request header.

You can also check Spring documentation here.

I added this parameters into my jsp file

<input type="hidden" id="csrfToken" value="${_csrf.token}"/>
<input type="hidden" id="csrfHeader" value="${_csrf.headerName}"/>

And modified my ajax call like below.

var token = $('#csrfToken').val();
var header = $('#csrfHeader').val();

$.ajax({
    type : 'POST',
    url : contextPath + "/qd/translate",
    data: JSON.stringify(json),
    dataType : 'json',
    beforeSend: function(xhr) {
        xhr.setRequestHeader("Accept", "application/json");
        xhr.setRequestHeader("Content-Type", "application/json");
        xhr.setRequestHeader(header, token);
    },
    success : function(result) {
        if (result.status === 'ok') {
            $('#translationModal').modal('hide');
            alert('Error when translating: ' + result.resultMessages.succeess);
        } else {
            alert('Error when translating: ' + result.resultMessages.error);
        }

    },
    error : function(jqXHR, textStatus, errorThrown) {
        alert(jqXHR.status + " " + jqXHR.responseText);
    }
});