我正在实施一个微服务应用程序。对于身份验证,我使用JWT令牌。在登录服务的响应头中返回令牌。由于微服务,我有CORS请求。从前端我调用/ user / login(POST方法)服务,我得到用户被正确验证的响应。在我的后端,我将Authentication头添加到包含JWT令牌的响应中。当我从Intellij插件调用/ user / login来测试REST服务时,返回Authentication头。但是,当我从我的前端(Cross origin request)调用相同的服务时,我没有这个标题......我将非常感谢你的帮助,我试图改变后端和前端,但没有任何效果。
后端的CORS过滤器实现:
@Component
public class SimpleCORSFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException, IOException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE, PATCH");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");
response.setHeader("Access-Control-Expose-Headers", "Location, Authorization");
chain.doFilter(req, res);
}
@Override
public void init(FilterConfig filterConfig) {}
@Override
public void destroy() {}
}
在Intellij插件中获取的标头: Intellij plugin
前端服务电话:
$.ajax({
url: CONST.USER_SERVICE + "/login",
type: "POST",
data: JSON.stringify(input),
contentType: "application/json",
crossDomain: true
})
在浏览器中获得的标头: browser
