我使用 Spring 实现了其余 Web 服务。当我将它作为 Spring Boot 应用程序部署在 Eclipse 中时,它可以正常工作。但是,当我在同一台机器上的 Tomcat 7 中部署它时,它不起作用。错误信息如下:
XMLHttpRequest cannot load http://localhost:8080/ristoreService/oauth/token. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8081' is therefore not allowed access.
我的 CORS 过滤器如下所示:
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CORSFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:8081");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me, "
+ "Origin,Access-Control-Request-Method, Access-Control-Request-Headers, Authorization");
if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(req, res);
}
}
如果我注释掉 response.setHeader("Access-Control-Allow-Origin", "http://127.0.0.1:8081");
,我仍然会遇到同样的错误。即使我在 Eclipse 中部署,如果没有这条线,它也不会工作。为什么同一个ip部署在不同环境下表现不同?
编辑:
我用 rest 客户端测试器“CocoaRestClient”测试了 url http://localhost:8080/ristoreService/oauth/token
并得到了 404。所以我编了一个显然不存在的 url http ://localhost:8080/xxxxx
并在 UI (angularjs) 中运行它,再次出现 CORS 错误。我认为这个错误有点误导,它毕竟是一个 404。但是为什么在 Tomcat 的 webapps 下以名称 ristoreService.war 成功部署 war 时它提示找不到?
最佳答案
尝试使用 FilterRegistrationBean。在 Java Config 中看起来像这样:
@Bean
public FilterRegistrationBean authorizationFilter(){
FilterRegistrationBean filterRegBean = new FilterRegistrationBean();
filterRegBean.setFilter(authorizationFilter);
List<String> urlPatterns = new ArrayList<String>();
urlPatterns.add("/v1/*");
filterRegBean.setUrlPatterns(urlPatterns);
return filterRegBean;
}
您有什么理由不使用 Spring Boot 的 CORS 功能?它已经支持开箱即用,您只需配置它。您可以像这样全局启用它:
@Bean
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurerAdapter() {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedOrigins("*");
}
};
}
关于eclipse - rest 服务在 Eclipse 中部署时有效,但在 Tomcat 中无效,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/38774654/