基本身份验证在使用 Postman 时不起作用，但在浏览器上可以工作

我的 Spring Boot Web 应用程序使用浏览器运行良好。当我尝试在不登录的情况下访问应用程序中的任何 URL 时，应用程序会将我转发到登录页面，并且当我登录时，我可以成功访问所有应该的 URL。身份验证在浏览器上工作正常，但是当我使用邮递员向 URL 发送 GET 或任何其他请求时（当然我提供选择基本身份验证的用户名和密码），它总是将我转发回登录页面。

这是我的安全配置

package com.SocialApp.myapp.config;

import com.SocialApp.myapp.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.HttpSecurityDsl;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@Configuration
//integrate spring security with mvc
@EnableWebSecurity
@EnableMethodSecurity
public class SecurityConfiguration{

    @Autowired
    private UserService userService;

     @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
     @Bean
    public DaoAuthenticationProvider authenticationProvider() {
        DaoAuthenticationProvider auth = new DaoAuthenticationProvider();
        auth.setUserDetailsService(userService);
        auth.setPasswordEncoder(passwordEncoder());
        return auth;
    }


    //auth changed after spring security 6.1, WebSecurityConfigurerAdapter is depreciated
    @Bean
    protected SecurityFilterChain filterChain(HttpSecurity http, DaoAuthenticationProvider authenticationProvider) throws Exception {
        http.authorizeHttpRequests(authorize -> authorize.requestMatchers(
                new AntPathRequestMatcher("/registration**"),
                new AntPathRequestMatcher("/js/**"),
                new AntPathRequestMatcher("/css/**"),
                new AntPathRequestMatcher("/img/**")).permitAll()
                .anyRequest().authenticated())
                .formLogin(login -> login.loginPage("/login").permitAll())
                .logout(logout -> logout
                .invalidateHttpSession(true)
                .clearAuthentication(true)
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .logoutSuccessUrl("/login?logout")
                .permitAll());
        http.authenticationProvider(authenticationProvider);


        return http.build();
    }

}