发送PUT请求时出现Spring + AngularJs + Tomcat 9.0 - 403错误

时间:2017-06-14 12:03:57

标签: java angularjs spring rest tomcat

点击“添加到购物车”时出现以下错误。

PUT http://localhost:8080/emusicstore/rest/cart/add/97 403()

viewProduct.jsp 

    <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
    <%@taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
    <%@include file="/WEB-INF/views/template/header.jsp" %> 
    <div class="container-wrapper">
<div class="container">
    <div class="page-header">
        <h1>Product Detail</h1>

        <p class="lead">Here is the detail information of the product!</p>
    </div>

    <div class="container" ng-app = "cartApp">
        <div class="row">
            <div class="col-md-5">
                <img src="<c:url value="/resources/images/${product.productId}.png" /> " alt="image"
                         style="width:100%"/>
            </div>

            <div class="col-md-5">
                <h3>${product.productName}</h3>
                <p>${product.productDescription}</p>
                <p>
                   <strong>Manufacturer</strong> : ${product.productManufacturer}
                </p>
                <p>
                    <strong>Category</strong> : ${product.productCategory}
                </p>
                <p>
                    <strong>Condition</strong> : ${product.productCondition}
                </p>
                <h4>${product.productPrice} USD</h4>

                <br>

                <c:set var="role" scope="page" value="${param.role}" />
                <c:set var="url" scope="page" value="/productList" />
                <c:if test="${role='admin'}">
                    <c:set var="url" scope="page" value="/admin/productInventory" />
                </c:if>

                <p ng-controller="cartCtrl">
                    <a href="<c:url value="${url}" />" class="btn btn-default">Back</a>
                    <a href="#" class="btn btn-warning btn-large"
                       ng-click="addToCart('${product.productId}')"><span
                            class="glyphicon glyphicon-shopping-cart"></span>Add To Cart</a>
                    <a href="<c:url value="/cart"/>" class="btn btn-default"><span class="glyphicon glyphicon-hand-right"></span>View Cart</a>
                </p>
            </div>
        </div>
    </div>



    <script src="<c:url value="/resources/js/controller.js" /> "></script>
 

controller.js 

    var cartApp = angular.module ("cartApp", []);

    cartApp.controller("cartCtrl", function ($scope, $http){

$scope.refreshCart = function (cartId) {
    $http.get('/emusicstore/rest/cart/'+$scope.cartId).success(function (data) {
       $scope.cart=data;
    });
};

$scope.clearCart = function () {
    $http.delete('/emusicstore/rest/cart/'+$scope.cartId).success($scope.refreshCart($scope.cartId));
};

$scope.initCartId = function (cartId) {
    $scope.cartId = cartId;
    $scope.refreshCart(cartId);


};

$scope.addToCart = function (productId) {
    $http.put('/emusicstore/rest/cart/add/'+productId).success(function (data) {
        $scope.refreshCart($http.get('/emusicstore/rest/cart/cartId'));
        alert("Product successfully added to the cart!")
    });
};

$scope.removeFromCart = function (productId) {
    $http.put('/emusicstore/rest/cart/remove/'+productId).success(function (data) {
        $scope.refreshCart($http.get('/emusicstore/rest/cart/cartId'));
    });
};

});

CartController.java 

    package com.store.emusicstore.controller;

    import java.util.logging.Logger;


    import javax.servlet.http.HttpServletRequest;


    import org.apache.commons.logging.Log;

    import org.springframework.beans.factory.annotation.Autowired;

    import org.springframework.http.HttpStatus;

    import org.springframework.stereotype.Controller;

    import org.springframework.web.bind.annotation.CrossOrigin;

    import org.springframework.web.bind.annotation.ExceptionHandler;

    import org.springframework.web.bind.annotation.PathVariable;

    import org.springframework.web.bind.annotation.RequestBody;

    import org.springframework.web.bind.annotation.RequestMapping;

    import org.springframework.web.bind.annotation.RequestMethod;

    import org.springframework.web.bind.annotation.ResponseBody;

    import org.springframework.web.bind.annotation.ResponseStatus;


    import com.store.emusicstore.dao.CartDao;

    import com.store.emusicstore.dao.ProductDao;

    import com.store.emusicstore.model.Cart;

    import com.store.emusicstore.model.CartItem;

    import com.store.emusicstore.model.Product;



    @Controller

    @RequestMapping("/rest/cart")

    public class CartController {

@Autowired
private CartDao cartDao;

@Autowired
private ProductDao productDao;

@RequestMapping(value="/{cartId}" , method = RequestMethod.GET)
public @ResponseBody Cart read(@PathVariable(value ="cartId") String cartId){
    return cartDao.read(cartId);

}
@RequestMapping(value="/{cartId}", method = RequestMethod.PUT)
@ResponseStatus(value = HttpStatus.NO_CONTENT)
public void update(@PathVariable(value = "cartId" ) String cartId, @RequestBody Cart cart) {
    cartDao.update(cartId, cart);
}

@RequestMapping(value = "/{cartId}", method = RequestMethod.DELETE)
@ResponseStatus(value = HttpStatus.NO_CONTENT)
public void delete(@PathVariable(value="cartId") String cartId) {
    cartDao.delete(cartId);
}

@RequestMapping(value="/add/{productId}", method = RequestMethod.PUT)
@ResponseStatus(value = HttpStatus.NO_CONTENT)
public void addItem(@PathVariable (value = "productId") String productId, HttpServletRequest request) {
    System.out.println("Inside addItem()");
    String sessionId = request.getSession(true).getId();
    Cart cart = cartDao.read(sessionId);
    if(cart == null) {
        cart = cartDao.create(new Cart(sessionId));
    }

    Product product = productDao.getProductById(Long.valueOf(productId));
    if (product == null) {
        throw new IllegalArgumentException(new Exception());
    }

    cart.addCartItem(new CartItem(product));

    cartDao.update(sessionId, cart);
}

@RequestMapping(value="/remove/{productId}", method=RequestMethod.PUT)
@ResponseStatus(value=HttpStatus.NO_CONTENT)
public void removeItem(@PathVariable Long productId, HttpServletRequest request) {
    String sessionId = request.getSession(true).getId();
    Cart cart = cartDao.read(sessionId);



    Product product = productDao.getProductById(productId);
    if (product == null || cart == null) {
        throw new IllegalArgumentException(new Exception());
    }

    cart.removeCartItem(new CartItem(product));

    cartDao.update(sessionId, cart);
}

@ExceptionHandler(IllegalArgumentException.class)
@ResponseStatus(value = HttpStatus.BAD_REQUEST, reason = "Illegal request, please verify your payload")
public void handleClientErrors(Exception e){}

@ExceptionHandler(Exception.class)
@ResponseStatus(value = HttpStatus.INTERNAL_SERVER_ERROR, reason = "Internal Server")
public void handleServerErrors(Exception e){}

}

的web.xml 

    <?xml version="1.0" encoding="UTF-8"?>


<!-- The definition of the Root Spring Container shared by all Servlets 
    and Filters -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/spring/root-context.xml</param-value>
</context-param>

<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener
    </listener-class>
</listener>


<!-- Processes application requests -->
<servlet>
    <servlet-name>appServlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet
    </servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/appServlet/servlet-context.xml
        </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>appServlet</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>



<filter>
    <display-name>springMultipartFilter</display-name>
    <filter-name>springMultipartFilter</filter-name>
    <filter-class>org.springframework.web.multipart.support.MultipartFilter
    </filter-class>
</filter>
<filter-mapping>
    <filter-name>springMultipartFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy
    </filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

根context.xml中 

    <?xml version="1.0" encoding="UTF-8"?>


<!-- The definition of the Root Spring Container shared by all Servlets 
    and Filters -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>/WEB-INF/spring/root-context.xml</param-value>
</context-param>

<!-- Creates the Spring Container shared by all Servlets and Filters -->
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener
    </listener-class>
</listener>


<!-- Processes application requests -->
<servlet>
    <servlet-name>appServlet</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet
    </servlet-class>
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/appServlet/servlet-context.xml
        </param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>appServlet</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>



<filter>
    <display-name>springMultipartFilter</display-name>
    <filter-name>springMultipartFilter</filter-name>
    <filter-class>org.springframework.web.multipart.support.MultipartFilter
    </filter-class>
</filter>
<filter-mapping>
    <filter-name>springMultipartFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy
    </filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

为了解决这个问题,我试图解决这个问题但是没有工作:

  1. 在tomcat的web.xml中将'readonly'设置为false
  2. 通过添加禁用csrf     安全性:csrf disabled =“true” 在安全性的根上下文中:http标记。

  3. 添加了CorsFilter 

    <filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>*</param-value>
</init-param>
<init-param>
    <param-name>cors.allowed.headers</param-name>
    <param-value>Content-Type,X-Requested-With,accept,authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET, POST, PUT, DELETE, OPTIONS, HEAD</param-value>

    4. 发送put请求时,我仍然无法摆脱403错误。

1 个答案:

答案 0 :(得分:-1)

我不知道这是不是问题,只是通过阅读你的代码:
在你的js:

$scope.addToCart = function (productId) {
$http.put('/emusicstore/rest/cart/add/'+productId).success(function (data) {
    $scope.refreshCart($http.get('/emusicstore/rest/cart/cartId'));
    alert("Product successfully added to the cart!")
});};

并在你的java中:

@RequestMapping(value="/add/{productId}", method = RequestMethod.PUT)
@ResponseStatus(value = HttpStatus.NO_CONTENT)
public void addItem(@PathVariable (value = "productId") String productId, HttpServletRequest request) {
    System.out.println("Inside addItem()");
    String sessionId = request.getSession(true).getId();
    Cart cart = cartDao.read(sessionId);
    if(cart == null) {
        cart = cartDao.create(new Cart(sessionId));
    }

    Product product = productDao.getProductById(Long.valueOf(productId));
    if (product == null) {
        throw new IllegalArgumentException(new Exception());
    }

    cart.addCartItem(new CartItem(product));

    cartDao.update(sessionId, cart);
 }

你是java在响应中没有返回数据,但在js中你的函数需要数据。

请注意,403通常是错误的映射或安全问题。

相关问题
最新问题