【问题标题】:CORS Between Spring Boot(Spring Security) and Enterprise Authentication applicationsSpring Boot(Spring Security)和企业认证应用程序之间的 CORS
【发布时间】:2018-11-27 10:21:08
【问题描述】:

即使在设置了所需的标头(例如 Access-Control-Allow-Originhttp://localhost:4200Access-Control-Allow-Credentialstrue 等等之后,我也遇到了 CORS 问题。

Response from previous request:
HTTP/1.1 302 Found 
Access-Control-Allow-Credentials: true 
Access-Control-Allow-Headers: Special-Response-Header, Header2 
Access-Control-Allow-Origin: http://localhost:4200 
Access-Control-Expose-Headers: Special-Response-Header, Header2 
Access-Control-Max-Age: 3600 
Access-Control-Request-Headers: Special-Response-Header, Header2 
Cache-Control: no-cache, no-store, max-age=0, must-revalidate 
Content-Length: 0 Date: Mon, 18 Jun 2018 13:03:46 GMT 
Expires: 0 
Location: <<Replace with Org Authentication URL>> 
Origin: http://localhost:4200 
Pragma: no-cache 
Set-Cookie: dtCookie=8$C38554BBC14802D7BCFE9A5E047AA962;domain=rbc.com;path=/ Set-Cookie: JSESSIONID=26A7EB71BD36D31EFE6A701320DFA0C3;path=/;Secure;HttpOnly Set-Cookie: __VCAP_ID__=0a838736-ad8b-40b9-4aa5-e972; Path=/; HttpOnly; Secure Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Vcap-Request-Id: 61cc9d4e-29ba-4b11-7f0b-82ec01cbc0a6 X-Xss-Protection: 1; mode=block

当前请求:

GET <<Replace with Org Authentication Get method params>> 
HTTP/1.1 
Host: mrkdlvaiaas493.devfg.rbc.com:9443 
Connection: keep-alive 
Accept: application/json, text/plain, */* 
Origin: null 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36 Referer: http://localhost:4200/startBatch/2018-04-27 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9

错误:

Failed to <<Replace with Org Authentication URL>>: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

【问题讨论】:

  • 什么版本的弹簧靴。您使用哪种方法在 Spring 应用程序中启用 CORS?跨原点注释?
  • @LucasHolt:谢谢您的回复。我正在使用 Spring Boot 1.5.2。我尝试使用 CORS 注释我的本地端点,使用 WebMvcConfigurer 设置配置(以更新 CorsRegistry)并添加自定义过滤器类(以更新响应)。

标签: spring spring-boot spring-security cors


【解决方案1】:

尝试像这样声明一个bean:(启用cors)

@Configuration
public class SecurityBasicConfigurations {

  @Bean
  public WebMvcConfigurer corsOriginConfigurer() {
    return new WebMvcConfigurer() {
        @Override
        public void addCorsMappings( CorsRegistry registry ) {
            registry.addMapping( "/*" )
                    .allowedMethods( "*" )
                    .allowedOrigins( "http://localhost:4200" )
                    .allowedHeaders( "*" );
        }
    };
  }

}

【讨论】:

  • 感谢您的回复。我已经尝试过这个,但没有运气。
猜你喜欢
  • 2019-07-16
  • 2017-10-30
  • 2016-08-26
  • 2017-03-21
  • 2017-01-30
  • 2017-09-09
相关资源
最近更新 更多