Angular 2,Oauth2,CORS错误:没有'Access-Control-Allow-Origin'

时间:2017-06-05 16:15:59

标签: rest angular spring-security oauth cors

目前我尝试使用angular 2登录spring oauth2。

点击我的角色登录时出现此错误:

  

XMLHttpRequest无法加载http://localhost:8080/REM/oauth/token。没有   请求中存在“Access-Control-Allow-Origin”标头   资源。因此不允许来源“http://localhost:3000”   访问。

login(username: string, password: string) {
let headers = new Headers();
headers.append('Content-Type', 'application/x-www-form-urlencoded; charset=utf-8');
headers.append('Accept', 'application/json');

let options = new RequestOptions({ headers: headers });

let params = new URLSearchParams();
params.append('grant_type', "password");  
params.append('client_id', "client");
params.append('client_secret', "secret");
params.append('username', "user");
params.append('password', "pass");                             

return this.http.post(this.urlLogin, params.toString(), options).map(this.extractData);}

CORS 

<mvc:cors>
    <mvc:mapping path="/**" allowed-origins="http://localhost:3000, *"
        allowed-methods="POST, GET, PUT, DELETE"
        allowed-headers="X-Requested-With, Content-Type, X-Codingpedia,Authorization, Accept, Origin"
        allow-credentials="false" max-age="3600" />
</mvc:cors>

请在以下位置找到完整的服务器配置: https://github.com/robbyrahmana/Config

1 个答案:

答案 0 :(得分:0)

我在春季启动时使用它 你可以看到并做出一些分歧

@Component

@Order(Ordered.HIGHEST_PRECEDENCE)

public class SimpleCORSFilter实现Filter {

@Override
public void init(FilterConfig fc) throws ServletException {
}

@Override
public void doFilter(ServletRequest req, ServletResponse resp,
                     FilterChain chain) throws IOException, ServletException {
    HttpServletResponse response = (HttpServletResponse) resp;
    HttpServletRequest request = (HttpServletRequest) req;
    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Methods", "PATCH,POST,GET,OPTIONS,DELETE");
    response.setHeader("Access-Control-Max-Age", "3600");
    response.setHeader("Access-Control-Allow-Headers", "x-requested-with, authorization, Content-Type, Authorization, credential, X-XSRF-TOKEN");

    if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
        response.setStatus(HttpServletResponse.SC_OK);
    } else {
        chain.doFilter(req, resp);
    }

}

@Override
public void destroy() {
}

}

相关问题
最新问题