春季启动-预检响应没有HTTP正常状态

时间:2018-09-05 08:59:50

标签: angular spring-boot spring-security cors preflight

我正在使用Angular 5制作网络,每次尝试执行$filter = '(Enabled -eq $false) -and (msExchRecipientTypeDetails -ne 4) -and (homeMDB -ne "$null")' $properties = @('homeMDB', 'mailNickName', 'mail', 'DisplayName', 'SamAccountName', 'ProxyAddresses') Get-ADUser -Filter $filter -Properties $properties | ForEach-Object { $stat = Get-MailboxStatistics $_.SamAccountName $smtpAddresses = ($_.ProxyAddresses | Where-Object {$_ -match "^smtp:" }) -replace 'smtp:', '' # Normally, the 'mail' attribute of a user is set to be the Primary email address, but # this need not be the case, as Exchange uses the ProxyAddresses attribute. # The PrimarySMTPAddress can be extracted from the ProxyAddresses with: $primarySmtpAddress = ($_.ProxyAddresses | Where-Object {$_ -cmatch "^SMTP:" }) -replace 'SMTP:', '' # or by using the EmailAddress property from the user object. # You will then need to add 'EmailAddress' to the '$properties' array above # $primarySmtpAddress = $_.EmailAddress # See if there are delegate users and what access rights they have $delegates = @(Get-MailboxPermission -Identity $primarySmtpAddress | Where-Object { ($_.AccessRights -like "*FullAccess*") -and (-not $_.IsInherited) -and ($_.User -ne "NT AUTHORITY\SELF") -and ($_.User -notlike '*Discovery Management*') } | Select-Object @{Name='Delegate'; Expression={(Get-Recipient $_.User.toString()).DisplayName}}, @{Name='AccessRights';Expression={$_.AccessRights -join ', '}}) ############################################################################## # The resulting $delegates is an array, so if you want to only get output for # mailboxes that actually HAVE delegate users, you can uncomment the next line ############################################################################## # if ($delegates.Count -eq 0) { continue } # this can become a LONG column if you want to see the accessrights per user.. $access = $delegates | ForEach-Object { "{0} ({1})" -f $_.Delegate, ($_.AccessRights -join ', ') } New-Object -TypeName PSObject -Property ([ordered]@{ DisplayName = $_.DisplayName mailNickName = $_.mailNickName SamAccountName = $_.SamAccountName mail = $_.mail PrimarySMTPAddress = $primarySmtpAddress ProxyAddresses = $smtpAddresses -join ';' HomeMDB = $_.homeMDB.Split(',=')[1] MBytes = $stat.TotalItemSize.Value.ToMB() LastLogonTime = $stat.LastLogonTime LastLoggedOnUserAccount = $stat.SamAccountName DisconnectDate = $stat.DisconnectDate Delegates = $delegates.Delegate -join ', ' AccessRights = $access -join ', ' }) } | Sort-Object MBytes -Descending | Export-Csv C:\EE\Results.csv -NoTypeInformation 请求时都会遇到此错误。我在这里读了成千上万的答案,但没有一个对我有用。

正如我所阅读的,这是因为我正在向此请求添加自定义标头,因为我使用的是Spring Security,所以我认为这是造成问题的原因,因此需要完成此操作。这是我当前的Spring Security配置,我是通过阅读问题而制成的,但仍无法正常工作,我不知道自己是否在做错事情:

GET

希望您能对此有所帮助,因为我为此一直挣扎了几天。我认为这里的问题显然是import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.CorsConfigurationSource; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import java.util.Arrays; @Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http .cors() .and() .authorizeRequests().anyRequest().permitAll() .and() .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .and() .csrf().disable(); } @Override public void configure(WebSecurity web ) throws Exception { web.ignoring().antMatchers( HttpMethod.OPTIONS, "/**" ); } @Bean CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowedOrigins(Arrays.asList("*")); configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")); configuration.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token")); configuration.setExposedHeaders(Arrays.asList("x-auth-token")); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/**", configuration); return source; } } ,我的CORS请求被转换为GETOPTIONS的自定义headers

我还要提到我正在将Spring Boot与Jersey一起使用。

谢谢。

2 个答案:

答案 0 :(得分:2)

我能够这样解决这个问题:

我的WebMvcConfiguration: 

@Configuration
@EnableWebMvc
public class WebConfiguration extends WebMvcConfigurationSupport {

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry.addResourceHandler("/**");
    }

}

我的安全配置: 

@Override
protected void configure(HttpSecurity http) throws Exception {
  http
          .cors().disable()
          .authorizeRequests()
          .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
          .anyRequest()
          .fullyAuthenticated()
          .and()
          .httpBasic()
          .and()
          .csrf().disable();
}

答案 1 :(得分:0)

添加以下配置,

@Configuration
public class CorsConfig {
    @Bean
    public WebMvcConfigurer corsConfigurer() {
        return new WebMvcConfigurerAdapter() {
            @Override
            public void addCorsMappings(CorsRegistry registry) {
                registry.addMapping("/**").allowedMethods("GET", "POST", "PUT", "DELETE").allowedOrigins("*")
                        .allowedHeaders("*");
            }
        };
    }
}
相关问题
最新问题