我是Spring安全的新手,现在正在研究SSO登录功能,以从零开始在前端为Angular 4的已经运行的Spring Boot应用程序中实现。但是,当我从Angular发送请求时,一次又一次地收到此错误春季启动。
请按如下所示提供我的CORSFilter.java文件。我了解我的请求已被此处应用的CORSFilter阻止。但是我不知道为什么它阻止了我的请求。
请查看我的CORSFilter文件。
/**
* Cross origin filter
*/
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CORSFilter implements Filter {
/**
* CORS filter for http-request and response
*/
public CORSFilter() { }
/**
* Do Filter on every http-request.
*/
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "access_token, authorization, content-type");
System.out.println("CORSFilter 2: " + request.getMethod());
if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(req, res);
}
}
/**
* Destroy method
*/
@Override
public void destroy() { }
/**
* Initialize CORS filter
*/
@Override
public void init(FilterConfig arg0) throws ServletException { }
}
这是我现在正在调用后端的Angular代码。
this.http.get( URL.GET_USER + '/' + email, this.commonRepository.getCommonRequestOptionsForJSON( URL.BEARER ) ).pipe(
map( response => response.json() ),
catchError( e => this.handleError( e ) ) );
SSO登录后我有令牌,但是我想调用本地计算机API来验证令牌到期,我是从云服务器上获取的。