Postman 403 Forbidden message

36,029

Enabling Spring Security with @EnableWebSecurity enables CSRF support by default; you have to disable it to prevent Forbidden errors.

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        // other configure params.
        .csrf().disable();
}

PS: 415 Unsupported Media Type --> add an annotation like this to your mapping to declare which type of data is being sent from Postman.

@PostMapping(consumes = "application/json")
void addProject(@RequestBody Project newProject) {
    projectService.saveProject(newProject);
}
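Instead of switching CSRF off for the whole application, the configuration below (an added example, not part of the answer or the asker's project) keeps the check enabled and makes the token readable so that Postman can send it back, authenticating with HTTP Basic. It assumes Spring Security 5.x with WebSecurityConfigurerAdapter, as in the question, and reuses the /cidashboard/projects path from the question; the class name is made up.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

// Added example: CSRF stays enabled; only the way the token reaches the client changes.
@Configuration
@EnableWebSecurity
public class ApiSecurityConfiguration extends WebSecurityConfigurerAdapter {

    // Path taken from the question's ProjectController.PROJECT_URL.
    private static final String PROJECT_URL = "/cidashboard/projects";

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/css/**").permitAll()
                .anyRequest().authenticated()   // unauthenticated calls get 401 from Basic, not a bare 403
                .and()
            .httpBasic()                        // Postman: Authorization tab -> Basic Auth
                .and()
            .csrf()
                // The token is issued in an XSRF-TOKEN cookie that is NOT HttpOnly, so a
                // client can read it and echo it back in the X-XSRF-TOKEN header.
                // Postman flow: 1) GET /cidashboard/projects (the cookie is set),
                //               2) POST with header X-XSRF-TOKEN: <value of that cookie>.
                // A POST without the header is still rejected with 403 Forbidden.
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
                // Narrower alternative for a truly stateless JSON endpoint: exempt only
                // that path rather than the whole application, e.g.
                //   .ignoringAntMatchers(PROJECT_URL + "/**")
    }
}
```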
Author by abc

Updated on September 26, 2020

Comments

  • abc
    abc almost 4 years

    I made an API with Spring REST. A GET request works fine in Postman, but when I try to do a POST request I receive this error:

    {
        "timestamp": "2018-09-25T06:39:27.226+0000",
        "status": 403,
        "error": "Forbidden",
        "message": "Forbidden",
        "path": "/cidashboard/projects"
    }
    

    This is my controller:

    import java.util.List;

    import org.springframework.web.bind.annotation.GetMapping;
    import org.springframework.web.bind.annotation.PathVariable;
    import org.springframework.web.bind.annotation.PostMapping;
    import org.springframework.web.bind.annotation.RequestBody;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    @RestController
    @RequestMapping(ProjectController.PROJECT_URL)
    public class ProjectController {
    
        public static final String PROJECT_URL = "/cidashboard/projects";
    
        private final ProjectService projectService;
    
        public ProjectController(ProjectService projectService) {
            this.projectService = projectService;
        }
    
        @GetMapping
        List<Project> getAllProjects(){
            return projectService.findAllProjects();
        }
    
        @GetMapping("/{id}")
        Project getProjectById(@PathVariable int id) {
            return projectService.findProjectById(id);
        }
    
        @PostMapping
        void addProject(@RequestBody Project newProject) {
            projectService.saveProject(newProject);
        }
    }
    

    Security configuration: initially I wanted to work with LDAP, but in my application properties I left only the connection to the database.

    import java.util.Arrays;

    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.builders.WebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.ldap.DefaultSpringSecurityContextSource;

    @EnableGlobalMethodSecurity
    @Configuration
    public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                    .authorizeRequests()
                    .antMatchers("/css/**").permitAll();
                    //.anyRequest().fullyAuthenticated()
                    //.and()
                    //.formLogin().loginPage("/login").permitAll()
                    //.failureUrl("/login-error");
        }
    
        @Override
        public void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth
                    .ldapAuthentication()
                    .userDnPatterns("uid={0},ou=people")
                    .groupSearchBase("ou=groups")
                    .contextSource(contextSource())
                    .passwordCompare()
                    //.passwordEncoder(new LdapShaPasswordEncoder())
                    .passwordAttribute("userPassword");
        }
    
        @Override
        public void configure(WebSecurity web) throws Exception {
            web
                    .ignoring()
                    .antMatchers("/resources/static/**"); // #3
        }
    
        @Bean
        public DefaultSpringSecurityContextSource contextSource() {
            return new DefaultSpringSecurityContextSource(Arrays.asList("ldap://localhost:8389/"), "dc=springframework,dc=org");
        }
    }
    
  • abc
    abc almost 6 years
    I added it and now I receive this error: 415 Unsupported Media Type
  • M. Deinum
    M. Deinum almost 6 years
    So your actual advice is to make the application less secure only for testing...
  • drowny
    drowny almost 6 years
    Unsupported media type is about the type you are sending. Which type is being sent from Postman, JSON or what else?
  • drowny
    drowny almost 6 years
    @M.Deinum But he ignored the CSRF, which means he doesn't need this token. If he used it, CSRF support is the default. That means he doesn't want the CSRF token.
  • M. Deinum
    M. Deinum almost 6 years
    That is an assumption. The fact that he ignored the csrf token could very well be due to the fact he didn't know that csrf protection is enabled by default. Nonetheless giving the advice to make an application less secure is always a bad answer (imho that is).
  • drowny
    drowny almost 6 years
    Assumptions, but I think true. Of course he can find out about CSRF usage. I only said how to prevent this problem. I respect your thinking, but I don't think this downvote is totally right. But thanks for your suggestions and opinions.
  • abc
    abc almost 6 years
    Drowny, does @Consumes need a special dependency?
  • drowny
    drowny almost 6 years
    I added new configuration on PostMapping to my post. You can use @PostMapping(consumes = "application/json")
  • abc
    abc almost 6 years
    I receive this: org.springframework.security.web.firewall.RequestRejectedException: The request was rejected because the URL was not normalized.
  • abc
    abc almost 6 years
    Finally it works. I had a mistake in the database. But it works only with .csrf().disable(), and I didn't have to put @Consumes(MediaType.APPLICATION_JSON_VALUE). Thanks a lot!!! :)