在我的Web应用程序中,我需要调用其他Web服务(由我开发/管理)来通过其他API启动/管理资源。 Web服务在tomcat6上运行。我可以从浏览器日志中看到POST请求正在通过,但GET请求被禁止。如果我从Web服务本身拨打相同的电话,那么我没有看到任何问题。我已经为tomcat6定义了交叉源过滤器,并且在支持的方法中也提到了GET,但问题仍然存在。
我已经在应用程序服务器级别的web.xml中以这种方式定义了交叉源过滤器。我正在使用来自http://software.dzhuvinov.com/cors-filter.html的CORS过滤器库。这是一个tomcat6服务器,过滤器已定义在($ TOMCAT6_HOME / conf / web.xml),如下所示
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, POST, HEAD, PUT, DELETE, OPTIONS</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
奇怪的是,webservice正在接受POST调用但是对于GET调用,它抛出了403 - Forbidden错误,告诉“禁止访问指定的资源”。
GET呼叫的标题如下
Request URL:https://remote.vm.mycompany.com/remote/tunnel?read:c2faeb31-4147-49e8-b8d3-53d89496e5ca:0
Request Method:GET
Status Code:403 Forbidden
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Host:remote.vm.mycompany.com
Origin:https://ec2-184-72-200-91.compute-1.amazonaws.com
Referer:https://ec2-184-72-200-91.compute-1.amazonaws.com/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.71 Safari/537.36
Query String Parametersview sourceview URL encoded
read:c2faeb31-4147-49e8-b8d3-53d89496e5ca:0:
Response Headersview source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:https://ec2-184-72-200-91.compute-1.amazonaws.com
Content-Length:961
Content-Type:text/html;charset=utf-8
Date:Sun, 21 Jul 2013 17:17:37 GMT
Server:Apache-Coyote/1.1
Tomcat访问日志还显示GET请求已被禁止,但不会在任何日志中提供任何线索
- - - [21/Jul/2013:17:17:37 +0000] POST /remote/tunnel?connect HTTP/1.1 200 -
- - - [21/Jul/2013:17:17:37 +0000] GET /remote/tunnel?read:c2faeb31-4147-49e8-b8d3-53d89496e5ca:0 HTTP/1.1 403 -
这是我的servlet代码。我正在尝试集成guacamole(HTML5 VNC客户端作为webservice)
package com.mycompany.html5remote;
import java.util.Arrays;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import net.sourceforge.guacamole.GuacamoleException;
import net.sourceforge.guacamole.net.GuacamoleSocket;
import net.sourceforge.guacamole.net.GuacamoleTunnel;
import net.sourceforge.guacamole.net.InetGuacamoleSocket;
import net.sourceforge.guacamole.protocol.ConfiguredGuacamoleSocket;
import net.sourceforge.guacamole.protocol.GuacamoleClientInformation;
import net.sourceforge.guacamole.protocol.GuacamoleConfiguration;
import net.sourceforge.guacamole.servlet.GuacamoleHTTPTunnelServlet;
import net.sourceforge.guacamole.servlet.GuacamoleSession;
public class HttpTunnel extends GuacamoleHTTPTunnelServlet {
private Logger logger = LoggerFactory.getLogger(HttpTunnel.class);
@Override
protected GuacamoleTunnel doConnect(HttpServletRequest request) throws GuacamoleException {
HttpSession httpSession = request.getSession(true);
logger.info("Inside doConnect Method.");
GuacamoleClientInformation info = new GuacamoleClientInformation();
String hostname = request.getParameter("hostname");
String protocol = request.getParameter("protocol");
// Create socket
GuacamoleConfiguration config = new GuacamoleConfiguration();
config.setProtocol(protocol);
config.setParameter("hostname", hostname);
//config.setParameter("hostname", "ec2-184-73-104-108.compute-1.amazonaws.com");
if("vnc".equals(protocol)){
config.setParameter("port", "5901");
}else if ("rdp".equals(protocol)){
config.setParameter("port", "3389");
}else{
config.setParameter("port", "22");
}
logger.info("Set the configuration. Creating the socket connection now..");
// Return connected socket
GuacamoleSocket socket = new ConfiguredGuacamoleSocket(
new InetGuacamoleSocket("localhost", 4822),
config, info
);
logger.info("Successfully created socket connection.");
// Create tunnel from now-configured socket
GuacamoleTunnel tunnel = new GuacamoleTunnel(socket);
// Attach tunnel
GuacamoleSession session = new GuacamoleSession(httpSession);
session.attachTunnel(tunnel);
logger.info("Done");
return tunnel;
}
}
GuacamoleHTTPTunnelServlet(GPL许可)的文档为here
我可能错过了什么?还有其他地方我可以寻找线索吗?请帮忙
答案 0 :(得分:0)
您是否有与web.xml中配置的http方法相关的安全约束?我不确定你为什么要选择单独的api来过滤你的请求?