在我以前的文章中,我試圖發送一個JSON,帶有一個從angular到spring的mvc的列表方法。 現在它工作正常! 控制器:Angular 1.4,POST,Spring Security,CORS
@RequestMapping(value="/create/", method=RequestMethod.POST)
@ResponseBody
public StatusResponse create(@RequestBody EventsDTO events) throws TechnicalException {
return new StatusResponse();
}
角:
var _queryPost = function(url, data, defData) {
$http({
headers: {'Content-Type': 'application/json',
'Accept': 'application/json'},
method: 'POST',
url: url,
//params: data,
data: data,
withCredentials: true
})
.success(function (data, status, headers, config) {
defData.$resolve(data);
$log.info(data);
})
.error(function (data, status, headers, config) {
defData.$reject(data);
});
return defData;
};
但要成功,我不得不發表評論春季安全... 當我使用Spring Security,我得到了錯誤401變成OPTIONS請求POST請求。 閱讀了很多文檔和文章後,我明白了: 1-在發送POST請求之前完成了第一個OPTIONS請求(這是一個檢查)012-2-發生錯誤是因爲「Content-type」值是「application/JSON」。 允許的內容類型值是「應用程序/ x-www-form-urlencoded」和其他我已經忘記但不是「應用程序/ json」
問題是,如果我更改我的Content-type在角我得到錯誤415 ....
我已經tryed型動物的事情我發現,像一些在角補充說:
$httpProvider.defaults.headers.common['X-XSRF-Token'] = $('meta[name=csrf-token]').attr('content')
$httpProvider.defaults.withCredentials = true;
$httpProvider.defaults.headers.common={'Accept' : 'application/json'};
$httpProvider.defaults.headers.post={'Content-Type' : 'application/json'};
$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];
但我認爲它不具有角版> 1.2的工作(我使用1.4) 這是我在web.xml中的Spring安全配置:
<!-- CORS related filter -->
<filter>
<filter-name>CORS</filter-name>
<filter-class>
org.eclipse.jetty.servlets.CrossOriginFilter
</filter-class>
<init-param>
<param-name>allowedOrigins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>allowedMethods</param-name>
<param-value>GET,POST,DELETE,PUT,HEAD,OPTIONS</param-value>
</init-param>
<init-param>
<param-name>allowedHeaders</param-name>
<param-value>
origin, content-type, accept, authorization,
x-requested-with, access-token, x-xsrf-token
</param-value>
</init-param>
<init-param>
<param-name>supportsCredentials</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Spring Security Filters -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
那麼,我能做些什麼來通過我的EventsDTO bean與彈簧安全? 我必須更改Angular配置或彈簧安全配置嗎?如何 ?
你喜歡香檳嗎?它適用於CrossOriginFilter配置!萬分感謝 !!!! – anakin59490