我需要激活CORS以便从我的网站到Apache Tomcat(7.0.52)中的java服务器的跨域请求。
我在AngularJS中使用GET,PUT,OPTIONS和POST方法。例如:
$http.get("http://domainWithTomcat.net/javaAppName/api/Picking").success(function (result) {
$scope.recepcionesPicking = result;
$scope.startPagination();
});
这就是我的web.xml:
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<listener>
<listener-class>
es.rumbosistemas.sctrakker.datos.HibernateContextListenerAndFilter
</listener-class>
</listener>
<filter>
<filter-name>HibernateContextListenerAndFilter</filter-name>
<filter-class>es.rumbosistemas.sctrakker.datos.HibernateContextListenerAndFilter</filter-class>
</filter>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<filter-mapping>
<filter-name>HibernateContextListenerAndFilter</filter-name>
<url-pattern>/api/*</url-pattern>
</filter-mapping>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/api/*</url-pattern>
</servlet-mapping>
<filter>
<filter-name>FilterSecurity</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>FilterSecurity</filter-name>
<url-pattern>/Application/*</url-pattern>
<url-pattern>/api/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
控制台日志告诉我这个:
XMLHttpRequest cannot load http://domainWithTomcat.net/javaAppName/api/Picking. The request was redirected to 'http://domainWeb.com/Login/index.html', which is disallowed for cross-origin requests that require preflight.
并且,请求和响应的标题是:
请求标题
OPTIONS /APP/api/Session HTTP/1.1
Host: domainWithTomcat.com
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://www.myWeb.com
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36
Access-Control-Request-Headers: accept, content-type
Accept: */*
Referer: http://www.myWeb.com/web/Login/index.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: es-ES,es;q=0.8,en;q=0.6
响应标头
HTTP/1.1 302 Found
Content-Length: 0
Location: http://myWeb.net/myAppClient/Login/index.html
Server: Microsoft-IIS/8.0
Set-Cookie: JSESSIONID=52886875C222C5E276FBFCB9CED1517F; Path=/SCTM/; HttpOnly
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Set-Cookie: ARRAffinity=6c6b3d5a9861fd850ca4be11e8881705c4f3156c038ab6ca4f4a57a798d12b9b;Path=/;Domain=tomcatDomain.com
Date: Mon, 17 Nov 2014 08:06:11 GMT
我的tomcat在Azure中,如果重要的话......
好的,感谢maslan现在我可以登录,但我有另一个问题。 当我发出新请求时,服务器不会放置会话并创建新会话,因此我的过滤器会检测到我没有登录并且请求失败。任何的想法? 我可以在Tomcat中看到具有用户名作为会话变量的会话。但是对于我提出的每个请求,都会创建一个新会话。好像客户没有保持coockies ...我不知道
感谢您的回复!
答案 0 :(得分:0)
您正在使用Spring MVC,并且Dispatcher Servlet默认配置为拦截OPTIONS。您需要在web.xml中配置它:
<servlet>
<servlet-name>yourServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>dispatchOptionsRequest</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>1</load-on-startup></servlet>
答案 1 :(得分:0)
mvn dependecy
<dependency>
<groupId>com.thetransactioncompany</groupId>
<artifactId>cors-filter</artifactId>
<version>2.1.2</version>
</dependency>
<dependency>
<groupId>com.thetransactioncompany</groupId>
<artifactId>java-property-utils</artifactId>
<version>1.9.1</version>
</dependency>
并在web.xml中
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>