【发布时间】:2019-04-03 08:17:30
【问题描述】:
我有使用 Angular 6 登录的用户服务是:
loginUser(user:any):Observable<any>{
const headers=new HttpHeaders({'Access-Control-Allow-Origin':'*'});
return this.http.post("http://localhost:8080/login",user,{headers:headers});
}
saveUser(user:any):Observable<any>{
const headers=new HttpHeaders({'Access-Control-Allow-Origin':'*'});
return this.http.post("http://localhost:8080/registration",user,{headers:headers});
}
并且我在 spring boot 中启用了所有 OPTIONS 为 permitAll :
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.csrf().disable().exceptionHandling().authenticationEntryPoint(authenticationEntryPoint).and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests().
antMatchers("/**").permitAll()
.antMatchers("/registration").permitAll()
.antMatchers("/login").permitAll()
.antMatchers(HttpMethod.OPTIONS,"/**").permitAll()
.anyRequest().authenticated().and()
.formLogin()
.and()
.httpBasic();;
httpSecurity.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class)
.addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class);
httpSecurity.headers().cacheControl();
httpSecurity.headers().httpStrictTransportSecurity().includeSubDomains(true).maxAgeInSeconds(31536000);
}
当我尝试从设置这些项目的计算机上登录和注册时 但是,当我使用我的 IP 地址(如 192.168.1.111:8080/login)从其他计算机访问我的本地主机时,它向我显示了第一个错误,例如:
Failed to load http://localhost:8080/login: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.1.111:8090' is therefore not allowed access.
然后我在 chrome 中添加了 Allowed cross origin extension,它再次向我显示了如下错误:
Response for preflight does not have HTTP ok status.
【问题讨论】:
标签: java spring angular spring-boot angular6