我正在尝试配置GWT应用程序以使用不同的后端服务器(运行Tomcat 7.0.26)。
我按照本网站的说明配置了CORS过滤器: http://software.dzhuvinov.com/cors-filter-installation.html
我使用了样本GWT代码(Greetings App),并进行了以下修改:
在GWT App中,我在RPC调用之前添加了这一行:
((ServiceDefTarget) greetingService).setServiceEntryPoint("http://remoteserver/testcors/greet");
我修改了web.xml并添加了CORS过滤器:
<filter>
<!-- The CORS filter with parameters -->
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<!-- Note: All parameters are options, if ommitted CORS Filter will fall
back to the respective default values. -->
<init-param>
<param-name>cors.allowGenericHttpRequests</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowSubdomains</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, HEAD, POST, OPTIONS</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>Content-Type, X-Requested-With</param-value>
</init-param>
<init-param>
<param-name>cors.exposedHeaders</param-name>
<param-value>X-Test-1, X-Test-2</param-value>
</init-param>
<init-param>
<param-name>cors.supportsCredentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.maxAge</param-name>
<param-value>3600</param-value>
</init-param>
</filter>
<filter-mapping>
<!-- CORS Filter mapping -->
<filter-name>CORS</filter-name>
<url-pattern>/testcors/greet</url-pattern>
</filter-mapping>
如果我从“remoteserver”访问TestCORS应用程序,一切正常,我可以看到添加了这些标题:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: http://remoteserver
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: X-Test-2, X-Test-1
Content-Encoding: gzip
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8
Content-Length: 214
Date: Sun, 24 Feb 2013 15:12:42 GMT
但如果我访问在本地计算机上运行的相同TestCORS GWT应用程序(127.0.0.1:8888),我会收到此错误:
请求标题:
OPTIONS /testcors/greet HTTP/1.1
Host: remoteserver
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://127.0.0.1:8888
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
Access-Control-Request-Headers: x-gwt-module-base, x-gwt-permutation, origin, content-type
Accept: */*
Referer: http://127.0.0.1:8888/TestCORS.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
回复标题:
HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=ISO-8859-1
Content-Length: 96
Date: Sun, 24 Feb 2013 15:14:38 GMT
我尝试了不同的浏览器(Chrome版本24.0.1312.57,Safari版本6.0.2(8536.26.17),Firefox 18.0.2,Opera版本12.14),我得到了服务器返回的相同错误 - HTTP 403。 / p>
我看到很少有人遇到类似的问题,但我找不到解决方案:
非常感谢任何帮助!
答案 0 :(得分:1)
之前我没有使用过这个过滤器,我更喜欢像this这样最简单的过滤器。
无论如何,在您的情况下,似乎您没有正确配置gwt需要工作的标头,您的应用程序正在发送:
Access-Control-Request-Headers: x-gwt-module-base, x-gwt-permutation, origin, content-type
因此,您的配置应该具有:
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>x-gwt-module-base, x-gwt-permutation, origin, content-type</param-value>
</init-param>
答案 1 :(得分:0)
感谢Vladimir,我也从这个网站上获得了CORS过滤器: http://software.dzhuvinov.com/cors-filter-installation.html
我在web.xml中添加了其他受支持的标头:
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>Content-Type, X-Requested-With, x-gwt-module-base, x-gwt-permutation, origin, content-type</param-value>
</init-param>