1
的的OAuth /令牌我們試圖實現的oauth2春下面配置:CORS在春天的oauth2
但是,當我們從另一個域調用/oauth/token
,我們得到了403錯誤。 如何配置/oauth/token
的CORS?
的的OAuth /令牌我們試圖實現的oauth2春下面配置:CORS在春天的oauth2
但是,當我們從另一個域調用/oauth/token
,我們得到了403錯誤。 如何配置/oauth/token
的CORS?
添加此過濾器可DispatcherServlet的根(/ *)和上述模式:
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class SimpleCORSFilter implements Filter {
public SimpleCORSFilter() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with, authorization, x-auth-token, origin, content-type, accept");
if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(req, res);
}
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void destroy() {
}
}
註冊:
FilterRegistration corsFilterReg = servletContext.addFilter("simpleCORSFilter", SimpleCORSFilter.class);
corsFilterReg.addMappingForUrlPatterns(null, false, "/*");
FilterRegistration corsFilterReg = servletContext.addFilter( 「simpleCORSFilter」,SimpleCORSFilter.class); \t \t corsFilterReg.addMappingForUrlPatterns(null,false,「/ *」); – Gazeciarz
感謝您的支持。我們在哪裏註冊SimpleCORSFilter? – TaiNguyen
在實現WebApplicationInitializer的類中public void onStartup(final ServletContext servletContext)throws ServletException方法 – Gazeciarz