我使用的是Spring boot版本(2.0.1),我遇到安全问题,所以当我尝试用这样的ajax发出请求时:
$.ajax({
url : "http://localhost:8080/utilisateurs/addUser",
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
},
type : "POST",
data : user,
dataType : "application/json"
}
我收到HTTP错误403,我知道此错误的含义(用户可以登录服务器但没有权限)但问题是我不是使用任何安全模块这是我的依赖pom.xml文件:
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<!--<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-rest</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jersey</artifactId>
</dependency>-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.data</groupId>
<artifactId>spring-data-rest-hal-browser</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
那么谁可以阻止请求,春季启动中是否有任何内部模块如何启用安全性, 见my previous post
提前谢谢。
答案 0 :(得分:0)
答案是通过向Web服务添加 @CrossOrigin 注释来管理服务器端的CORS,Web服务就像这样:
package com.sid.webService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import com.sid.dao.entity.Utilisateur;
import com.sid.metier.IMetierUtilisateur;
@Component
@RestController
@RequestMapping("/utilisateurs")
public class webServiceUtilisateur {
@Autowired
private IMetierUtilisateur mr;
@CrossOrigin
@RequestMapping(value="/addUser",method=RequestMethod.POST)
public boolean addUser(@RequestBody Utilisateur u)
{
try
{
mr.ajouterUtilisateur(u);
return true;
}
catch(Exception e)
{
System.out.println(e.getMessage());
return false;
}
}
}
如果您想要更多自定义,请添加您要访问弹簧后端的所有域,并在属性源中创建它们,如下所示:
@CrossOrigin(origins="http://localhost:8080/utilisateurs/")
@RequestMapping(value="/addUser",method=RequestMethod.POST)
public boolean addUser(@RequestBody Utilisateur u)
{
try
{
mr.ajouterUtilisateur(u);
return true;
}
catch(Exception e)
{
System.out.println(e.getMessage());
return false;
}
}
}