Hello,

First, I want to thank the developers for creating Kafka UI (Kafbat). It's an excellent product. I am running into a persistent 403 Forbidden error when attempting to execute KSQL queries through the UI, and I suspect it might be a bug related to Basic Authentication handling for POST requests.

Environment Details

- Kafka UI / Kafbat Version: v1.3.0
- KsqlDB Version: confluent kafka 7.7.0
- Setup: KsqlDB is running on a dedicated broker VM (SERVICE-BROKER-01:8088). Kafka UI is running on a separate VM within the same network.

Problem Summary

When I attempt to run any query (e.g., list topics;) from the KsqlDB menu:

- DevTools shows 403 Forbidden for the actual query execution API:
- KsqlDB Server Logs show 200 OK (Crucial Detail):
- When checking the ksql-server logs on the broker, the server receives the query, processes it successfully, and sends a 200 OK response. This confirms the Basic Auth credential (admin:password) is valid and the server accepts the query.
- Example Log: INFO ... "POST /ksql HTTP/1.1" 200 77 ...
- Other Endpoints Work: All GET requests from the UI (e.g., /api/clusters//tables, /api/clusters//streams, /api/clusters/*/info) return 200 OK. Only the KSQL POST request fails.

Configuration Attempts (All Resulted in 403 on the POST Request)

We have confirmed all Kafka ACLs are set to ALL for the admin user. The issue persists even after separating the UI login user (spring.security) from the KSQLDB user (ksqldbServerAuth).

Configuration Used in application.yml

```yaml
ksqldbServer: http://SERVICE-BROKER-01:8088
ksqldbServerAuth:
  username: admin
  password: password
spring:
  security:
    user:
      name: ui-user # Separated user for UI login
      password: ui-pass
      roles: ADMIN # Added roles to ensure authorization
```

Request for Assistance

Since the KsqlDB server returns 200 OK, the 403 error must be generated by the Kafka UI server itself when proxying the POST request. This strongly suggests a Spring Security configuration or CSRF handling bug within Kafka UI for KSQL POST requests under Basic Auth.

Could you please confirm if this is a known bug in specific Kafka UI versions, or if there is a required Spring Security setting (e.g., a specific role or a change to the default security filter chain) in application.yml to allow the KSQL /v2 POST requests to pass the internal authorization check?

Thank you for your help.