CORS过滤器停止工作一段时间后

时间:2018-01-05 07:23:18

标签: spring spring-mvc cors

我的应用程序是带有Spring后端的Angular Front-end。我试图从后端到前端访问一些Restful webservices。这是我对Custom Http服务进行的Angular调用:

stationFilter(stFilt : StationFilter): Observable<Response>
  {

    let headers = new Headers({ 'Content-Type': 'application/json' });
    let options = new RequestOptions({ headers: headers, method: 'post' });
    let currentUser = JSON.parse(sessionStorage.getItem('currentUser'));
    // options.headers.append('Access-Control-Allow-Origin','*');

        if (currentUser && currentUser.token) {
            options.headers.append('Authorization', 'Bearer ' + currentUser.token);
        }

    this.requestJsonBody = JSON.stringify({'snmpFlagOn': stFilt.snmpFLag, 'noIpStations': stFilt.noIPStation, 'stationDataDateBegin': stFilt.inputStartDate, 'stationDataDateEnd': stFilt.inputEndDate });
    console.log(this.requestJsonBody);
    return this.stationHttp.postService(this.confPropLoader.stationUrl + '/services/stationCollection/viewCollected', this.requestJsonBody, options);

}   

对于上面的授权,我使用的是基于JWT的令牌。 这是我的基于角度类型脚本的Custom StationHttp:

import { Injectable } from '@angular/core';
import { ConnectionBackend, XHRBackend, RequestOptions, Request,
  RequestOptionsArgs, Response, Http, Headers } from '@angular/http';

import { Observable } from 'rxjs/Observable';
import 'rxjs/add/operator/catch';
import 'rxjs/add/operator/map';
import 'rxjs/add/observable/throw';

@Injectable()
export class StationHttp extends Http {
    constructor(backend: XHRBackend, defaultOptions: RequestOptions) {
      super(backend, defaultOptions);
    }


    getService(url: string, options?: RequestOptionsArgs): Observable<Response> {
        return super.get( url, options).catch(this.handleError);
    }


    postService(url: string, body: string, options?: RequestOptionsArgs): Observable<Response> {

        return super.post(url, body, options);

    }

}

export function customHttpFactory(xhrBackend: XHRBackend, requestOptions: RequestOptions): Http {
    return new StationHttp(xhrBackend, requestOptions);
}

以下是在Spring方面编写的CORS过滤器:

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.filter.OncePerRequestFilter;

public class CORSFilter extends OncePerRequestFilter {
    private static final Log LOG = LogFactory.getLog(CORSFilter.class);

    @Override
    protected void doFilterInternal(HttpServletRequest request,
            HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {
        LOG.debug(" CORS Filter Running....");

        if (response == null) {
            LOG.debug(" Response is null");
        }
        LOG.trace("Sending Header....");
        // CORS "pre-flight" request
        response.addHeader("Access-Control-Expose-Headers", "Access-Control-*");
        response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS");
        response.addHeader("Access-Control-Allow-Headers", "Access-Control-*, Origin, X-Requested-With, Content-Type, Accept, authorization");
        response.addHeader("Access-Control-Allow-Origin", "*");
        response.addHeader("Access-Control-Allow-Headers", "content-Type");
//      response.addHeader("Access-Control-Max-Age", "3600");
        LOG.trace("Request:"+ request.toString());
        LOG.trace("Response:"+ response.toString());
        // }
        filterChain.doFilter(request, response);
    }
}

正在调用Restful服务:

@RestController
@RequestMapping(path = { "/stationCollection" })
public class StationCollectionWS {
    @Autowired
    StationCollectionWSDBProcessing scWSDBPrcessing;

    @Autowired
    StationCollectionDAO stationCollectDao;

    @Autowired
    StationExpertStateBean stationExpertBean;

    @Autowired
    StationCollectionProperties stCollectProp;

    @Autowired
    @Qualifier(value = "isClustered")
    Boolean isClustered;

    @RequestMapping(path = { "/viewCollected" }, method = { RequestMethod.POST }, consumes = {
            "application/xml", "application/json", "text/xml" }, produces = { "application/json" })
    @ResponseBody
    public ResponseEntity<List<StationCollectionData>> viewStationDataCollected(
            @RequestBody StationDataFilter filter) {

        try {
            log.debug("  View on the basis of filter:-> " + filter);
            Date startDate;
            Date endDate;
            List<Object> paramList = new ArrayList<Object>();
            StringBuilder sqlStringBuilder = new StringBuilder(
                    "SELECT * FROM STATION_COLLECTION_DATA");

                /*
                    Do some processing for sqlStringBuilder here
                */
            String sql = sqlStringBuilder.toString();
            log.debug("Argument List:" + paramList);

            Object[] params = paramList.toArray();

             // Making DAO layer call
            RowMapper<StationCollectionData> stDataRowMapper = StationCollectionRowMappers
                    .getStationCollectionDataRowMapper();

            stData = (List<StationCollectionData>) stationCollectDao
                    .getRecords(sql, params, stDataRowMapper);



        } catch (Exception ex) {
            ex.printStackTrace();
        }
        return new ResponseEntity<List<StationCollectionData>>(stData,
                HttpStatus.OK);
    }

    @RequestMapping(path = { "/submitRequest" }, method = { RequestMethod.POST }, consumes = {
            "application/xml", "application/json", "text/xml" }, produces = { "application/json" })
    @ResponseBody
    public ResponseEntity<String> submitStationCollectionRequest(
            @RequestBody Request request) {
        try {

            if (request.getProductType().trim() == null
                    || request.getProductIdentifier().trim() == null)
                return new ResponseEntity<>(
                        "Invalid Incoming Request. Please check the following values: [\' Product Identifier (SEID)\', \'Product Type\']",
                        HttpStatus.BAD_REQUEST);


            String incmgProdType = request.getProductType();
            String incmgProdId = request.getProductIdentifier();

            if (incmgProdId != null && !incmgProdId.equals("")) {
                    if (!stationCollectDao.chekRecordExist(
                            "STATION_COLLECTION_QUEUE", "PRODUCTIDENTIFIER",
                            incmgProdId, true)) {
            if (scWSDBPrcessing.checkPrIdCollected(incmgProdId)) {
                            log.debug("Within Days Limit");
                            HttpHeaders responseHeaders = new HttpHeaders();
                            responseHeaders.set("WithinLimit", "MyValue");
                            return new ResponseEntity<String>(
                                    "Requested Product Identifier:"
                                            + incmgProdId
                                            + " is within "
                                            + stCollectProp.getNoOfStationCollectionDays()
                                            + " days", responseHeaders,
                                    HttpStatus.ACCEPTED);

             } 
             }
             }
             if(! incmgProdId.equals("ABC"){

                HttpHeaders responseHeaders = new HttpHeaders();
                responseHeaders.set("UnsupportedProductType", "MyValue");
                return new ResponseEntity<String>(
                        "Unsupported Product Type for Request",
                        responseHeaders, HttpStatus.BAD_REQUEST);
            }

        } catch (SQLIntegrityConstraintViolationException ex) {

            log.debug("Record Already Present In Queue");
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        HttpHeaders responseHeaders = new HttpHeaders();
        responseHeaders.set("SucessfullyCompleted", "MyValue");
        return new ResponseEntity<String>("Successfully Submitted Record",
                responseHeaders, HttpStatus.OK);
    }

}

问题是有一段时间我确实收到了请求(时间不可预测,有时是8小时,有时是12小时)但在此之后,我开始收到以下错误:

requests library

我在Chrome的网络标签中看到成功前传递请求,如下所示:

Error Message I recieve

但原始请求失败如下:

Pre-flight request

事实上它可以运作一段时间,但之后它会让我感到很困惑。我错过了什么吗?

以下是POST呼叫的请求标头:

Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.9
Authorization:Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsInJvbGVz
Cache-Control:no-cache
Connection:keep-alive
Content-Length:137
Content-Type:application/json
Host:lqtremmt01.gl.avaya.com:9002
Origin:http://******************:8080
Pragma:no-cache
Referer:http://******************:8080/stationUI/home/1001/station_filter
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

添加我使用的令牌:

eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsInJvbGVzIjp7Il9pZCI6IjEwMDEiLCJ1c2VybmFtZSI6ImFkbWluIiwiZmlyc3ROYW1lIjoiVG9tIiwibGFzdE5hbWUiOiJIYXJkeSIsInBhc3N3b3JkIjoiYWRtaW4iLCJyb2xlIjoiYWRtaW4iLCJ0b2tlbiI6ImV5SmhiR2NpT2lKSVV6STFOaUo5LmV5SnpkV0lpT2lKaFpHMXBiaUlzSW5KdmJHVnpJanA3SWw5cFpDSTZJakV3TURFaUxDSjFjMlZ5Ym1GdFpTSTZJbUZrYldsdUlpd2labWx5YzNST1lXMWxJam9pVkc5dElpd2liR0Z6ZEU1aGJXVWlPaUpJWVhKa2VTSXNJbkJoYzNOM2IzSmtJam9pWVdSdGFXNGlMQ0p5YjJ4bElqb2lZV1J0YVc0aUxDSjBiMnRsYmlJNkltVjVTbWhpUjJOcFQybEtTVlY2U1RGT2FVbzVMbVY1U25wa1YwbHBUMmxLYUZwSE1YQmlhVWx6U1c1S2RtSkhWbnBKYW5BM1NXdzVjRnBEU1RaSmFrVjNUVVJGYVV4RFNqRmpNbFo1WW0xR2RGcFRTVFpKYlVacllsZHNkVWxwZDJsYWJXeDVZek5TVDFsWE1XeEphbTlwVmtjNWRFbHBkMmxpUjBaNlpFVTFhR0pYVldsUGFVcEpXVmhLYTJWVFNYTkpia0pvWXpOT00ySXpTbXRKYW05cFdWZFNkR0ZYTkdsTVEwcDVZako0YkVscWIybFpWMUowWVZjMGFVeERTakJpTW5Sc1ltbEpOa2x0VmpWVGJXaHBVakpPY0ZReWJFdFRWbFkyVTFSR1QyRlZielZNYlZZMVUyNXdhMVl3YkhCVU1teExZVVp3U0UxWVFtbGhWV3g2VTFjMVMyUnRTa2hXYm5CS1lXNUJNMU5YZHpWalJuQkVVMVJhU21GclZqTlVWVkpHWVZWNFJGTnFSbXBOYkZvMVdXMHhSMlJHY0ZSVFZGcEtZbFZhY2xsc1pITmtWV3h3WkRKc1lXSlhlRFZaZWs1VFZERnNXRTFYZUVwaGJUbHdWbXRqTldSRmJIQmtNbXhwVWpCYU5scEZWVEZoUjBwWVZsZHNVR0ZWY0VwWFZtaExZVEpXVkZOWVRrcGlhMHB2V1hwT1QwMHlTWHBUYlhSS1lXMDVjRmRXWkZOa1IwWllUa2RzVFZFd2NEVlpha28wWWtWc2NXSXliRnBXTVVvd1dWWmpNR0ZWZUVSVGFrSnBUVzVTYzFsdGJFcE9hMngwVm1wV1ZHSlhhSEJWYWtwUFkwWlJlV0pGZEZSV2JGa3lWVEZTUjFReVJsWmllbFpOWWxaWk1WVXlOWGRoTVZsM1lraENWVTF0ZUV4WlZWcDNVMFV4V1ZGdGJHaFdWM2cyVlRGak1WTXlVblJUYTJoWFltNUNTMWxYTlVKTk1VNVlaSHBXYWxKdVFrVlZNVkpoVTIxR2NsWnFUbFZXVmtwSFdWWldORkpHVG5GU2JYQk9Za1p2TVZkWE1IaFNNbEpIWTBaU1ZGWkdjRXRaYkZaaFkyeHNjMXBJVG10V1YzaDNXa1JLYzFsWFNsaGxSRlphWldzMVZGWkVSbk5YUlRGWVpVVndhR0pVYkhkV2JYUnFUbGRTUm1KSVFtdE5iWGh3VldwQ1lVNXNjRVpXVkVab1VqQndXVlpzWkhOVlIwWldZMFZ3V0ZadGFFeFpWRXBYVmtaT1dWUnJjR2xoTUhCMlYxaHdUMVF3TUhsVFdIQlVZbGhTUzFsWE1EVmpSbVJYV2taT2ExSXdXbGxVYTJSelZGWkZkMk5FVmxwaGEyOHdXV3RXYzJOWFNYbGlSbkJYVFZWdmQxZFdXbXBOUjBaV1pVVlNWR0ZyU25CVVZ6VlRZekZzZEdKRmNFOWhNbmd3Vm0xd1YxWkhTbGhoU0VKV1lXdHdVRmt3V2xKbFYwcEdaRVpTVjJKR2EzbFdWRVpUVWpGUmVWSnNXbWxsYkZwT1dXeGFXazFXVlhsT1dHUm9UVlpzTTFscmFFTldWVEYwWlVWNFdsWldjRE5WTUZWNFYxWkdkR0pIYUZkV00yY3lWbFJHYWsxV1RYbFZibEpVWVRKb1dGbHROVU5UTVd4WVRsVktUazFWTlZsYVNIQlhZV3hLZFZGclZsWk5Wa3BvVlRJeFIyTnNXbkZVYkZaWFZtdHdTRmRXV2xkT1JrcEhWRzVHVTJKWVFrOVphMXAyVFZaa1dFMUlhRk5OYkVwSVdUQmFVMVpHV2tkalJYUmFZa1phYUZreWVITmpNWEJKVkcxMFYxWXphRE5YYTFKTFl6RnNXRk5zYUd4U1JscGhXbGR6TVZaR1drVlNiazVZVWxSR1dWcFZWbmRoUjBwVllraGtWMkpZVW5GVWJHUlRVbTFLU1ZGdGRFNWlXR2gzVmxkd1ExbFZOWE5qUlZwWFZrVmFiMVZxUW5kWFZscHpXa2hPVmxJd1dsZFpNRlozVjBaYWRHRkZlRnBXUlhCWVZtdGFUMWRXVW5KalIyeG9UVWhDTWxZeGFIZFVNVkYzVFVoc1ZGZElRbFZaYkdoVFV6RnNXRTFFVm1wU2JWSllWMnRhVDJFeFNYZFhiR3hWWVRKU2VsWkdXa1prTWs1RlZteHdhR0V5T0hkWFYzUlhZekpPV0ZOWWJHbFNia0pZVkZaV2RtUXhaRmRYYlhCT1VqQmFWMXBWVmxOV1IwWnlVMjVDVlZaNlZsUlpla1p6WkVkS1JtTkZPV2hOYm1kM1ZtMHhkMVl4V2toVGJHaG9VMFZLVjFsWGRIZFZSbXQzVjJ4S2JGWXdjRWRhUlZwVFZqSktSMkV6YkZkV1JWcFVWV3BHVW1WV1NuTlhiV3hzWWtad1QxZFhlR0ZYYXpGWFZsaHNUMWRIVW05VVZscHpUVEZzY21GRlRsZFdWRVl3V2xWV05GZHNXbGRqUkU1V1RVWldORll4V2tka1IwcElZVVprVjAweVkzbFdiRkpIWVdzeFYxUlliRlppYkVwVldWUktiMWRHYkhST1ZVNVVUVmQ0V1ZSc1ZrdFVhekZXVGxac1lWTklRbGhaVjNoTFpGWkdjbFpzV2s1V2EzQnZWbFJKZUZJeVRuTlhia1pWWWtaYVdGWnRkSGRUUm1SWFYyeGtUMUpyY0VoV1J6VkhWVEpLV1ZGck9WcGhNWEF5VkZaYWExZEZNVWxoUms1T1lrVndTVmRVUW1GVk1WcEhWMnRrYWxKWVVtRlphMXBoWVVacmVXVklUbXBOV0VKS1ZrY3hNRll4V1hwaFJFNVlZVEZLVEZsNlJuTlhSazV6WVVkNFUxSnNjR2hYYkdSNlRWWmFSMWRyVmxOaWF6VlpWV3hTUjFkV2NGWldibVJvVWpCd1ZsbHJhR3RXTWtwWlZXNUdWV0pIVWxSVmJURkxVMVpHZEdSRk5XbFhSMmd6Vm14a2QxRXhiRlpPV0U1cVVsWndXRlpyVm1GaU1WWnhVVzVrV0Zac2NIcFhhMmhQVm14SmQxZHNaRnBOUmxvelZqQmFZV1JIUmtabFJuQlhVbGhDV1ZadGRHRlVNV1JYVlc1S2FsSXllRzlVVldoRFRXeFplR0ZJWkZWTlZrWXpWRlZvYzFaR1pFbFJiRlphWWtkb1ZGVjZSbk5YUlRGRlZtMXdVMkpXU2xsV01uUmhWREpGZUZOWVpGaGlSM2hXV1ZSS1UyVnNXa2RYYTFwclRXczFSbFp0ZUhkaFIwVjVUMGhrV0ZZelVsaFpla3BQVjBaT1dXSkhiRk5pYTBwWlZrWmFWMlJ0VVhoYVJtUllZbGhDVDFWcVFtRldNWEJXVm14T1YxSXdXbmxWTWpWRFZsWmFObFpzVWxwbGExcDZXa1ZrUzFKdFRrWlBWMmhPWW0xa00xWnRNSGhrTVZsNFYydG9WR0pIYUc5Vk1GWkxWakZzV0dSSVpGWlNiWFF6VmpKNFMySkdXWGRqUldSaFVsWndWRlpxU2t0U01rVjZZa1prVjFKV2NGVldWM0JIVlcxV1YxTnVUbGhpVjNoeldXdGFkMVF4WkZobFIwWllZWHBHV0Zac2FITlVNV1JJVlcwNVZWWnNjSHBVVkVaelkyMUdSbFJzWkZkV1JWbDNWMnhXVjA1R1pITlhiR1JxVWtVMVYxUlZXbGRPUmxsNFYydGthMUl3Y0VsWlZWcHJWakF3ZVZremJGZGlSa3BJV1ZkemVGWXhVbGxpUmxwcFlrVndWbGRXVWt0aU1XUkhZa2hTVDFaVk5WVlVWbVEwVjFaU2MxWnJkRlZoZWtaWFZHeGFjMWxXVGtsUmJHaGFWak5vVEZwR1drZGpiRnB6VjJzMVYyRXpRblpXYkZKS1pVWkplVlJ1VGxoaWExcFdXV3RhWVZkR1duUmtTR1JVVW0xU1dGWXllR3RVTVVweVkwVm9WMUo2VmtoV1ZFcExWMVpHY2s5V2NHaE5XRUY1VmtaYVlXRXhaRVpOVld4b1VtczFUMWxyVm5kVFZtUlZVVzFHVmsxV2NFaFdNblJyWVd4S1dWVnRSbHBoTVhCb1dWVmFjbVZYVmtsVWJYQk9WMFZLUzFaclkzaE5SbGw0VjFod2FGSkZOVmxaVkVaTFZFWnNObEp1VGxoU2F6VjZXVlZrTkZVeFNuTmpSMmhZWWtkU05sUldXbUZTTVdSeVZteE9hV0Y2VmxwV1YzaFRVakZrVjJOR1dsZGliVkp2VldwQ2QxWnNiSEpoUjNSWFRXdHdXbFpYTlVkV1YwcElWV3hTVm1KVVJreFZNVnBIWkVkU1JrNVhiRmhTTW1kNlZtMTRhMlF4UlhoaVJscFBWMFUxY1ZWc1duZFhSbHB5Vm0xR2FVMVdXbmhWVnpWclYwWmFjMk5JY0ZoaE1taFFWbTE0U21ReFpITmFSbkJPVW14dmVsWnFRbUZaVjFKSVVtdGFiRkp1UWxoVmJHaERWMVphZEdSSFJsVk5WMUpZVmxjMVMyRnNTWGxsUnpsVlZsZG9SRlJYZUZwbFIwWkpXa1pXVGxacldYcFdSbFp2WXpGYVIxcEZiRkppUmxwaFdXdGtiMVpHVmpaU2JrNVlVbFJHUmxadE1YZFZNa3BYVTJ4c1YwMXVVbWhXUkVwR1pVWk9XVnBHYUdsU00yaFhWMVpTUzFVeVZuTlhhMlJZWVRGd2NsUlhjekZTYkZwMFpVaGthRkl3VmpWVU1HaHJWMFpaZWxWc2FGcGxhM0JRVmpCYVQxZFhTa2hpUms1cFlUQndXbFpyV21GV01sSjBWVmhvWVZKdFVsbFpiR2hEVkRGV2NWRnRSbGROV0VKWFZtMTRUMVl4U1hkWGJteFdUV3BXUkZac1dtRk9iRnB6Vld4d2JHRXhjRFpYYTFaclV6RktkRlJyV2xCV01taFBXVzB4YTAweFduUk5TR2hyVFZac05GWXlkRzlXUjBwSVlVYzVWazFHV2t4V2FrWnpWMGRTU1ZwR1dsTmlXRkY2Vm1wS05GTXlTa2RYV0dScVVsZFNhRlZzV25kV1JscHhVMnQwVTAxclZqWlphMXByVmpGS1YyTkdWbGRXTTBKSVZsY3hWMVl4VG5WVWJHaHBWak5vZWxkWGRHRmtNVkY0V2tab2JGSXdXbGxaV0hCSFYwWmFjMkZJVGxWTlYxSkpWbGN3TlZaV1duTmpTSEJWVmtWYWVsa3lNVWRTYkZKeldrWmtWMUpXYkROV01uaFhWakExUjFwSVRsaGlSMUp4Vld0Vk1WWXhVbFpYYkdSUFVteHNORll5ZEd0aE1VbDNZMFZzV2xaV2NISldha0YzWlZacmVtSkdaR2xTYTNCSlYxWmtlbVZHV1hoVmJHeHBVbXh3Y0ZsclZuZFdiR1JYVld0MGFVMVhVa2haYTJoVFZERmFWazVXVmxWV2JWRXdWakZhVTJNeFduSmtSbFpvWld0YVdGWkhlR0ZqTVd4WFZHdHNVbUpIYUdGV2FrNXZWRVp3UjFkclpHcGlSbkI2VmpKek1WWXlSWHBSYmxwWFlrWktTMXBWV2twbFZsSjFWR3hvYVdFeGNGZFhWM1JoV1Zaa1IxZHVVbXRUUjFKVlZXMHhVMWRHV1hsbFIzUlZUVlZ3ZVZrd1ZtOVdNVW8yVm10b1YxWkZjRXhXTVZwSFkyczVWMk5IYUU1WFJVWTFWbXRhWVZsWFJYaGFSVnBPVmxkNGIxVnRjekZVTVd4eVZtNWtWRlp0VWxaVlZ6RkhWbXN4VjJORmFGZE5ibEp5V1ZkNFMxZFdWblJTYkhCb1RWaENiMWRXVm1GamJWWllWbXRzVldKWVFrOVdNRlpMVXpGYWNsa3phRTVTYkd3MFZqRm9kMkZHU2taT1ZteGFWa1ZhVEZaRlduTk9iRXAxVkd4b1UyRjZWalpYVmxaclRrWlZlRk51VG1wU01taFpXV3RrVTA1c1VsZFhiVVpUVFZkU2VWWnRlRTloVjBZMlZteHdWMVl6YUZSVmFrWnJWakpPUjFkc1pHbGlWa3AyVmxkd1EyUXhXbk5pU0Vwb1VqTlNXRlJYZEhkWGJGcFlUbFZrVjFZd2NFbFdWM2hUVm0xS1ZWSnJlRlpOVm5CSVdrVmtVMUpyTlZoaVJtaFRUVzFrTmxadE1UUmhNbEY0VWxob2FWSnNjRkJXTUZVeFkxWldjMWR1WkZoU2JIQjVWbTB4UjJGVk1WZFhibWhXVm5wV2NsWXdXbUZqTWs1SlkwWm9hRTF0YUZGV2JURTBVMjFSZUZwSVRtRlNia0pQVlcxNGRtVnNXbkZSYlVaYVZqRktTVlZ0ZEdGaVJrcDFVV3hvVm1KSGFFUldNVnBoWkVkU1NGSnNWazVXTVVwWlZteGpNVk15Um5OVFdHeHNVbnBzVmxac1pHOVNSbEpZWlVad2JGSXdXa3BYYTFwWFZHeGFjbGRZY0ZkU2JGcDJXWHBHWVZJeGNFWmlSa3BwVW14d2FGZFhkR3RpTVZwSFZtcGFVMkpyTlZsVmJGSkhVbXhhZEUxWVpGWk5hM0JZVlRKNGMxWXdNWFZWYldoWFVrVndSMXBWV2s5WFZuQkhZVWRzVTAweWFGaFdNVnBUVXpGVmVWWnVUbGhoTWxKWldWUkdkMk5zVWxoamVrWlRZa1p3TUZwVmFHdGhSa2wzVm1wV1ZVMUhhSEpXTUZwYVpXeFdjMkZHY0d4aE0wSlJWbXBDWVZReFpGaFRhMmhwVW1zMWNGbFVRbmRYYkZweVYyMUdWMDFzU2pCV1ZtaHZXVlpLZEZWc2JGcGlSMmhFVmtSR1YyTldSblJTYkdST1YwVktXRlp0TVRSVU1WbDRVMWhrV0dKdGVGZFVWM0JYVWtaYWMxZHRSazlpUm5CNlZsZDRkMkpIUlhoalJGcFlZVEZhY2xWNlJrdGtSbEp5VjJ4Q1YwMXVhRmxXYWtKWFVqQTFSMWR1VWs1VFIxSlBWbTE0UjA1V1ZuUmxSM1JYVmpCV05GWXllRTlYYlVwVlZtdFNWMkpHY0doYVJtUlBVbXh3U0dWSGJGTk5NbWhaVm1wS01GbFdVWGhXV0doVVltdHdVRlp0ZUhkWFJsSllUbFUxYkZKc2NIaFZiWFF3WVdzeFdGVnNXbFpXTTJoeVZsUkJkMlZYUmtkV2JHUlhaV3RKTUZadGNFZFpWMDV5VDFaa1lWSnRVbkJWYWtaTFYyeGFXR05GT1dsTlZscElWakkxVDFadFJqWmlSemxWVmpOTmVGVXdXbXRqYlVaR1QxZG9VMkV5T0hsWFYzUnZVekZhVjFkc2FGWldSVXBvVm14YWQyVnNhM2hYYkU1clVsUnNXRlp0Y3pGV01rcHlVMnRzVjJKVVJUQlpha3BLWlVaa2MxcEdhR2xoZWxaV1YxWm9kMk15UmtkWGJrNVlZa2RTVUZWdGVFdE5SbkJXVmxSV1dGSnNiRE5XTW5SelZsWmFjMk5IYUZkaVZFWllXWHBHYTJSSFJrZGhSMnhUWWtoQ1ZsWXhaSGRUTVVsNFUxaHNWV0V5VWxsWmJGWmhWa1pzVlZKdVpGZE5WbkF3VkZaU1ExZHNXbk5UYm5CWVlUSm9WRmxyV2twa01XUnpZa1prYVZKcmNGbFdSbFpoVjIxV1NGSnJhR3RTYkhCdldsZDBZVkl4V2xoTldIQk9WbTE0V0ZZeU5WTmhSa2w1WVVkb1ZtRXhXak5XUkVaM1ZteHdSazlXVG1obGJYaGFWMVpXVmsxV1ZYaFRXSEJhVFRKb1dGbHJaRzlOTVZaeFUyczVhbUY2VmxoV01uTXhWakZhYzJOR1pGaFdla0Y0VlZSS1QxSXhWbk5YYkdScFVtNUNVRlpYTUhoT1IxWkhWbXhrVm1KSFVsWlphMXAzVm14c2NsWnVUbGROUkVZeFZWZDRRMVpyTVhGU2EzaGFUVlp3U0ZwR1pFOVNNVlp6V2tkNGFFMVhPSGxXYWtaaFZqSkZlRlpZYUZSaE1sSldXV3RhWVZkV2JGbGpSbVJZVW14YU1GcFZXbmRVYkVwelkwVnNZVlpXY0ZCV1ZFcExWakZrYzFwR1ZrNVdia0paVjFaV2ExWXlUbkpPVmxwUVZteHdXRlZzVWxkbFZtUlZVVzFHYUUxck1UVlZiWFJ2VlVaWmVsVnJPVlpoYXpWMlZHdGFhMWRIVGtaUFYyeE9WbXRaTUZacVNqQlpWbGw0V2tWb2FGSnNjRmhaYkdodlZFWmFSVkp1WkZkaVJuQldWVzF6TldGV1NYcFZWRXBYVFc1U2NWcFZXbUZqTVZweFYyeGthR1ZyV2xsWFYzUmhXVmRHUjJOR2FHeFNNRnBZV1d0YVMyVldXbGhqZWxaVllYcEdNRmRxVG5kV01rcEhWMjVhWVZKRldsUldha1pUWTIxS1IxVnRiR2hOV0VKb1ZtdGFVMUV4WkhSVldHaHFVbTFvVDFacVFtRlVNVkpXVlc1T1ZHSkdjRWxVVm1oUFYyeGFkRlZyYUZaTmJsSlFWakp6ZUZkR1ZuVmpSbFpwVjBkb1ZWWnRNSGhXTVU1WFUyNUtVRll5ZUhCVmJuQnlUV3hhZEUxVVFsWk5hekUxVmxkNGExVXlTa2RYYkZwYVZqTk5lRlY2Um5Oa1IwNUdWRzE0YVZKVVZscFdSbHB2VkRKR1IxTllhRlJoTVZwWFZGWmFTMkZHV2tobFIwWlRUVlp3ZUZaWGVGZGhWa3B5WTBWb1dHSkhValphVlZwTFZqRmFjMVpzU21obGJGcFlWa1pTUzFVeVVYaFhXR3hzVW5wc2NGUlhlRWROTVd4eVlVVmthRlpVUWpWWlZWcERWakpGZUZkc1pHRldWbkJVVm1wR1YyTnJOVmhsUm1SWFVsWnZNRlp0ZUdGaU1rbDVVMnhrVjJKR1NsQlZNR2hEWTBac2RFNVZUbFZpUm5CNFZWZDBhMVF5U2tsUmJHaFdWak5OTVZsVVNrdGtWa1oxVkd4d1RtSnJTa1ZXVjNoclZERmtWMVZ1U2xkaVIyaHZWRlphVm1WR1pISlZhMDVxWWxaYVdGWXllRk5VYkdSSVZXMUdWMkpZYUdGYVJFWnJWMGRXUms5Vk5VNVdWbTk0Vm0weE5GWXlSWGROVlZwWVlteHdXVlZyVm1GVlJteFlaRWhPYTFaVVJrcFdSM1IzWVZaWmVtRklXbGhoTVZwUVZUSnpNV05yTVZkV2JHUllVakpvVVZadGRGZFdNRFZ6Vld4YVZtSkdjSE5XYkZKWFpERndSVk51VGxwV2JWSkpXVlZTVDFaR1dYcFJha3BoVmxaVmVGWnNXa3RXVmtweVRsWmtVMVpGVlhoV2ExcHZaREZPY2sxWVVsaGlSWEJPV1ZSS05GSldiRmhqZWxab1RWVXhOVlpYZUhkaFJrNUlaVWM1VjFKNlZucFdWVnB6Vm14V2RHTkdVbGRpUm5CNFZqRmFZVlF5Vm5OYVJtaFBVMGhDY0ZWdE1YcGtNWEJGVTFob1UxSlViRVpaYTJodlZXc3hWbU5HVWxabGF6VkVXWHBCZUdOV1JsaGlSekZXVFRKU2QxZFdXbXRTTURGR1lraEdhVTB5YUZCV2ExWldaVVpTVjFWck5XdE5SRlo0VmpGU1UxUldSWGRqU0U1aFZsZG9RMWxXVlRWalZrcFZVbXMxVjFKc1dUQldSbWgzVTJzeFJrNVlSbWhTUjNReFdXcEdiMkpGTUhwVmJteFRVMGhDU0ZZeGFGZGhNRGxIWTBaa1ZrMUZOVE5VYkdoeVpFVTVXVnBJWkZWU01IQk1WVzB4VTFGc1ZYbFhiWFJTWVROb1RGZHFTbGRUVmxWNFUydGtVbFV3YnpWVVJVNUxZMFpzV1ZWWGJGQmhhMVY0VkZaU1ZtVkZNVFpTVkVKT1VrVldlbE5YTVZkT1IwNUVVMVJhVGxaR1ZqUlViRkpHWldzeE5sTllaRTVYUkVGMVZqSjBiMkpYWnpKaE1FVXdVMnR6TUdKR1VsUmlNMFp0V1hwYWIxb3djR2hSYTJnMFlqSTFTVm96UVRWUlZsWjBXa1Z6ZEZkVk1UQlNVMG81VEVOS2NGbFlVV2xQYWtVeFRWUlZlRTE2VFhkUFJHZHpTVzFXTkdORFNUWk5WRlY0VGxSRmVrNUVaelJQU0RBdWNFOTNTVmRrWjA1VFUzQkhiM2RQVmtGbFkzRlBka3ROZUVGcmVFWkpjRmhyU0dWM01XbFdNM1JPV1NKOUxDSnBZWFFpT2pFMU1UVXhNek14T1RBc0ltVjRjQ0k2TVRVeE5URXpORGs1TUgwLkU0ZFZfbkJscjRJZlVoWVlqVGNOeTdPbXZiMXowZFhSYk9PZndjTEFndVUifSwiaWF0IjoxNTE1MTMzMjY5LCJleHAiOjE1MTUxMzUwNjl9.k1A8OXnA18YYL9aO_wY0j6DSQ29yHvN-ibeOzR6o9h8

这是我从Back-end Onceized获得的完整用户详细信息。一旦我获取它,我将其保存在我的会话存储中。以下是Spring中的代码,当我在stUsr中设置令牌时如下:

stUsr.setToken(Jwts.builder().setSubject(stUsr.getUsername())
                     .claim("roles",
                     userDb.get(stUsr.getRole())).setIssuedAt(Conversion.toDate(StationCollectionWSUtilities.getTodaysDate()))
                     .signWith(SignatureAlgorithm.HS256, "admin").compact());

这个stUsr就是在令牌中显示的内容。

1 个答案:

答案 0 :(得分:0)

有类似的问题。对我来说,问题是我的JWT过期并导致Spring Boot应用程序引发异常。负责将响应发送回Angular应用程序的全局异常处理程序是在未设置CORS标头的时间点完成的。

为解决此问题,我在doFilterInternal()方法中首先将CORS响应标头设置为

CORS响应标头:

  httpServletResponse.addHeader("Access-Control-Expose-Headers", "Access-Control-*");
httpServletResponse.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
httpServletResponse.addHeader("Access-Control-Allow-Headers", "Access-Control-*, Origin, X-Requested-With, Content-Type, Accept, Authorization");
httpServletResponse.addHeader("Access-Control-Allow-Origin", "http://localhost:4200");
httpServletResponse.addHeader("Access-Control-Allow-Headers", "content-Type");
httpServletResponse.addHeader("Access-Control-Allow-Credentials", "true");

希望有帮助!