After Spring Secure configures csrf, the previously available URL returns a 404 error - Codes Helper

The implementation of

inheriting WebSecurityConfigurerAdapter is as follows.

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/user/**").hasRole("USER")
                .and()
                .formLogin().loginPage("/login").failureUrl("/login?error").permitAll()
                .usernameParameter("username").passwordParameter("password")
                .and()
                .logout().logoutSuccessUrl("/login?logout")
                .and()
                .exceptionHandling().accessDeniedPage("/403")
                .and()
                .csrf();
    }

is different from the last line. If it is csrf (). Disable () , everything is fine. Remove disable () and report 404 error
the test code is as follows:

@RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
public class CSVImportIT {

    @Autowired
    private TestRestTemplate restTemplate;

    @MockBean
    private StorageService storageService;

    @LocalServerPort
    private int port;

    @Test
    public void shouldUploadFile() {
        ClassPathResource resource = new ClassPathResource("testUpload.txt", getClass());

        MultiValueMap<String, Object> map = new LinkedMultiValueMap<>();
        map.add("file", resource);
        ResponseEntity<String> response = restTemplate.postForEntity("/", map, String.class);

        assertThat(response.getStatusCode()).isEqualByComparingTo(HttpStatus.FOUND);
        assertThat(response.getHeaders().getLocation().toString()).startsWith("http://localhost:" + this.port + "/");
        then(storageService).should().store(any(MultipartFile.class));
    }
}

is generally found in assertThat (response.getStatusCode ()) .isEqualBycomparison to (HttpStatus.FOUND); this line reports an error

    tractDirtiesContextTestExecutionListener : After test method: context  
 [DefaultTestContext@3899782c testClass = CSVImportIT, testInstance = dems.CSVImportIT@6d514259,  
 testMethod = shouldUploadFile@CSVImportIT, testException = org.junit.ComparisonFailure:  
 expected:<[302]> but was:<[404]>, mergedContextConfiguration =  
 [WebMergedContextConfiguration@1603cd68 testClass = CSVImportIT, locations = "{}", classes = 
  "{class dems.Application}", contextInitializerClasses = "[]", activeProfiles = "{}",  
 propertySourceLocations = "{}", propertySourceProperties =  
 "{org.springframework.boot.test.context.SpringBootTestContextBootstrapper=true, 
  server.port=0}", contextCustomizers =  
 set[org.springframework.boot.test.context.filter.ExcludeFilterContextCustomizer@5fa07e12,  
 org.springframework.boot.test.json.DuplicateJsonObjectContextCustomizerFactory$DuplicateJsonObjectContextCustomizer@366647c2,  
 org.springframework.boot.test.mock.mockito.MockitoContextCustomizer@a9a8d3f1, 
  org.springframework.boot.test.web.client.TestRestTemplateContextCustomizer@2bfc268b, 
 org.springframework.boot.test.autoconfigure.properties.PropertyMappingContextCustomizer@0,  
 org.springframework.boot.test.autoconfigure.web.servlet.WebDriverContextCustomizerFactory$Customizer@550ee7e5], resourceBasePath = "src/main/webapp", contextLoader =  
 "org.springframework.boot.test.context.SpringBootContextLoader", parent = [null]], attributes =  
 map["org.springframework.test.context.web.ServletTestExecutionListener.activateListener" ->  
 false]], class annotated with @DirtiesContext [false] with mode [null], method annotated with 
  @DirtiesContext [false] with mode [null].

add a breakpoint to the Mapping method of Controller corresponding to URL, and debug reports an error when it finds that it does not hit the breakpoint. Add disable () back to normal.