spring casauthenticationentrypoint给了我cors错误

kh212irz  于 2021-07-13  发布在  Java
关注(0)|答案(0)|浏览(197)

当我的casauthenticationentrypoint将用户重定向到登录页时,该调用会给我一个cors错误:
'访问xmlhttprequest'https://mycompany.com/cas/login?service=http%3a%2f%2flocalhost%3a8082%2fmyservice%2fj_spring_cas_security_check'(重定向自'http://localhost:4200/myservice/api/home/')来自源站'http://localhost:4200'已被cors策略阻止:对飞行前请求的响应未通过访问控制检查:否请求的资源上存在“access control allow origin”标头。
当用户加载主页,然后调用casauthenticationentrypoint重定向请求时,会出现此错误。然后用户被重定向到我的cas登录页面(不知道它是如何工作的),但是登录不起作用-登录之后,用户只看到一个空白页面。
我已经尝试了所有我在线程中看到的东西,比如这个- Spring 启动cors过滤器-cors飞行前通道没有成功
但是没有一个能让这个错误消失。。。它似乎是由casauthenticationentrypoint引起的。有人能告诉我我做错了什么吗?如何为我的casauthenticationentrypoint发送飞行前cors标头?
我将把代码复制到下面。在这段复制的代码中,我仅有的cors是将cors()添加到websecurityconfigureradapter类的configure函数中。这目前不起作用。
这是我的WebSecurity配置适配器类:

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Bean
    public ServiceProperties serviceProperties() {
        ServiceProperties sp = new ServiceProperties();
        sp.setService(casServiceUrl);
        sp.setSendRenew(false);
        return sp;
    }

    @Bean
    public CasAuthenticationProvider casAuthenticationProvider() {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setAuthenticationUserDetailsService(customUserDetailsService());
        casAuthenticationProvider.setServiceProperties(serviceProperties());
        casAuthenticationProvider.setTicketValidator(cas20ServiceTicketValidator());
        casAuthenticationProvider.setKey("an_id_for_this_auth_provider_only");
        return casAuthenticationProvider;
    }

    @Bean
    public AuthenticationUserDetailsService<CasAssertionAuthenticationToken> customUserDetailsService() {
        return new CasUserDetailsService(adminList());
    }

    @Bean
    public SessionAuthenticationStrategy sessionStrategy() {
        return new SessionFixationProtectionStrategy();
    }

    @Bean
    public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
        return new Cas20ServiceTicketValidator(casUrlPrefix);
    }

    @Bean
    public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
        casAuthenticationFilter.setAuthenticationManager(authenticationManager());
        casAuthenticationFilter.setSessionAuthenticationStrategy(sessionStrategy());
        return casAuthenticationFilter;
    }

    @Bean
    public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
        casAuthenticationEntryPoint.setLoginUrl(casUrlLogin);
        casAuthenticationEntryPoint.setServiceProperties(serviceProperties());
        return casAuthenticationEntryPoint;
    }

    @Bean
    public SingleSignOutFilter singleSignOutFilter() {
        SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
        return singleSignOutFilter;
    }

    @Bean
    public LogoutFilter requestCasGlobalLogoutFilter() {
        LogoutFilter logoutFilter = new LogoutFilter(casUrlLogout + "?service=" + appServiceHome,
                new SecurityContextLogoutHandler());
        logoutFilter.setLogoutRequestMatcher(new AntPathRequestMatcher("/logout", "POST"));
        return logoutFilter;
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) {
        auth.authenticationProvider(casAuthenticationProvider());
    }

    @Override
    public void configure(WebSecurity web) {
        web.ignoring().antMatchers("/fonts/**").antMatchers("/images/**").antMatchers("/scripts/**")
                .antMatchers("/styles/**").antMatchers("/views/**").antMatchers("/i18n/**").antMatchers("/sa/hrl/**");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //enable the health actuator. No need to add actuator/ in front of the end point
        http.cors().and().authorizeRequests().requestMatchers(EndpointRequest.to("health")).permitAll();
        http.addFilterAfter(new CsrfCookieGeneratorFilter(), CsrfFilter.class).exceptionHandling()
                .authenticationEntryPoint(casAuthenticationEntryPoint()).and().addFilter(casAuthenticationFilter())
                .addFilterBefore(singleSignOutFilter(), CasAuthenticationFilter.class)
                .addFilterBefore(requestCasGlobalLogoutFilter(), LogoutFilter.class)
                .anonymous().authenticationFilter(saAuthFilter).authenticationProvider(customAuthProvider);

        http.authorizeRequests()
                .antMatchers("/login", "/logout", "/**").authenticated();

        http.logout().logoutUrl("/hiddenrevenuelocator/logout").logoutSuccessUrl("/").invalidateHttpSession(true)
                .deleteCookies("JSESSIONID");

        http.csrf().disable();
    }
}

下面是我的WebMVCConfiguer类:

@Configuration
public class WebConfiguration implements WebMvcConfigurer {

    @Autowired
    Environment env;

    private final AuthData authData;

    private final UMSService umsService;

    private CasRequestInterceptorHelper casRequestInterceptorHelper;

    private SARequestInterceptorHelper saRequestInterceptorHelper;

    @Autowired
    public WebConfiguration(
            AuthData authData, UMSService umsService, CasRequestInterceptorHelper casRequestInterceptorHelper, SARequestInterceptorHelper saRequestInterceptorHelper) {
        this.authData = authData;
        this.umsService = umsService;
        this.casRequestInterceptorHelper = casRequestInterceptorHelper;
        this.saRequestInterceptorHelper = saRequestInterceptorHelper;
    }

    @Bean
    @Primary
    public RequestInterceptor requestInterceptor() {
        return new RequestInterceptor(authData, umsService, casRequestInterceptorHelper, saRequestInterceptorHelper);
    }

    @Override
    public void addInterceptors(InterceptorRegistry registry) {

        registry.addInterceptor(requestInterceptor())
                .addPathPatterns("/**");
    }

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        // All resources go to where they should go
        registry
                .addResourceHandler("/**/*.css", "/**/*.svg", "/**/*.html", "/**/*.js", "/**/*.js.map", "/**/*.png", "/**/*.ico", "/**/*.svg", "/**/*.jpg", "/**/*.jpeg")
                .addResourceLocations("classpath:/static/");

        registry.addResourceHandler("/", "/**")
                .addResourceLocations("classpath:/static/index.html")
                .resourceChain(true)
                .addResolver(new PathResourceResolver() {
                    @Override
                    protected Resource getResource(String resourcePath, Resource location) {
                        if (resourcePath.startsWith(AppConstant.REST_ENDPOINT_BASE) || resourcePath.startsWith(AppConstant.REST_ENDPOINT_BASE.substring(1))) {
                            return null;
                        }
                        return location.exists() && location.isReadable() ? location : null;
                    }
                });
    }

}
Javaspringspring-securitycors

暂无答案!

目前还没有任何答案,快来回答吧!

我来回答

相关问题

    查看更多
    微信公众号

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com