我正在使用Spring4作为angular应用程序的后端。当angular应用程序向spring应用程序发出请求时,我得到了一个错误
Access to**XMLHttpRequest at 'http://localhost:8080/AdminController/allAdmins' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.**我正在使用自定义筛选器验证我的筛选器的每个用户请求代码是:
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpReq = (HttpServletRequest) request;
HttpServletResponse httpResp = (HttpServletResponse) response;
// Ignoring the request URLs
if (Utils.ignoreURLs(IGNORE_URLS, httpReq.getRequestURI()) == true) {
filterChain.doFilter(request, response);
return;
}
// Fetching all the header params from request
HttpServletRequest httpRequest = (HttpServletRequest) httpReq;
Enumeration<String> headerNames = httpRequest.getHeaderNames();
String loggedUserId = null;
String authToken = null;
if (headerNames != null) {
while (headerNames.nextElement() != null && headerNames.hasMoreElements()) {
loggedUserId = httpRequest.getHeader(Constants.LOGGED_USER_ID);
authToken = httpRequest.getHeader(Constants.AUTH_TOKEN);
}
}
if (Utils.isBlank(loggedUserId) == true || Utils.isBlank(authToken) == true) {
httpResp.setContentType(MediaType.APPLICATION_JSON_VALUE);
mapper.writeValue(httpResp.getWriter(), getErrorDetailsMap());
return;
}
ApplicationContext appContext = AppContextConfig.getApplicationContext();
AccessManager accessManager = (AccessManager) appContext.getBean(AccessManager.class);
// I am validating authentication token here
if(accessManager.isValidToken(loggedUserId, authToken) == false) {
httpResp.setContentType(MediaType.APPLICATION_JSON_VALUE);
mapper.writeValue(httpResp.getWriter(), getErrorDetailsMap());
return;
}
filterChain.doFilter(request, response);
}
1条答案
按热度按时间avwztpqn1#
就用一个
@CrossOrigin控制器上的注解,并在securityconfig中定义此bean:编辑
或者问题是缺少标题,下面的过滤器就足够了。