如何使用带有Resteasy,Angular和Wildfly10的JAX-RS处理CORS
我在与我的角度客户端相同的机器上的wildfly 10上拥有一个resteasy Web服务。
- 获取请求作品 据我了解,
- 放置和删除操作被称为2次是因为完成了预检请求。
curl -X DELETE http://localhost:8080/resteasyWebServices-1.0-SNAPSHOT/company/57 -i可以很好地工作,而无需两次执行请求。相反,当用angular客户程序调用时, restWebService被调用两次!
我试图添加一个corsFilter,但是它不但不能帮助我获得请求,而且不能帮助我解决问题
package com.solarity.app; // {{ groupId}}.app
import com.solarity.rest.CompanyRestService;
import com.solarity.rest.PersonRestService;
import org.jboss.resteasy.plugins.interceptors.CorsFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.ws.rs.ApplicationPath;
import javax.ws.rs.core.Application;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Set;
@ApplicationPath("/")
public class InitApplication extends Application {
/**
*
*/
Set<Object> singletons;
HashSet<Class<?>> webServiceClasses;
public InitApplication() {
super();
webServiceClasses = new HashSet<>();
webServiceClasses.add(PersonRestService.class);
webServiceClasses.add(CompanyRestService.class);
singletons = new LinkedHashSet<>();
singletons.add(this.getCorsFilter());
}
@Override
public Set<Class<?>> getClasses() {
return webServiceClasses;
}
@Override
public Set<Object> getSingletons() {
return singletons;
}
private CorsFilter getCorsFilter() {
CorsFilter result = new CorsFilter();
result.getAllowedOrigins().add("http://localhost:4200");
return result;
}
}
我试图在我的Web服务中实现选项方法,但没有成功...
package com.solarity.rest; // Note your package will be {{ groupId }}.rest
import com.solarity.entities.CompanyEntity;
import com.solarity.entities.PersonEntity;
import com.solarity.service.CompanyService;
import com.solarity.service.PersonService;
import com.solarity.util.ResponseUtil;
import org.apache.http.HttpStatus;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
/**
*
*
*/
@Path("/company")
public class CompanyRestService {
protected Logger logger = LoggerFactory.getLogger(getClass());
private CompanyService companyService = new CompanyService();
@GET // This annotation indicates GET request
@Path("/")
@Produces(MediaType.APPLICATION_JSON)
public Response getAll() {
Object response = null;
String errMsg = null;
int responseStatus = -1;
try {
this.logger.debug("companyServcfindAll----------------debug");
this.logger.warn("companyServcfindAll----------------WARN");
response = companyService.findAll();
} catch (Exception e) {
errMsg = "Error getting all persons";
logger.error(errMsg, e);
}
return ResponseUtil.getAlteredResponse(response, errMsg, responseStatus, HttpMethod.GET);
}
/**
* curl -X DELETE http://localhost:8080/resteasyWebServices-1.0-SNAPSHOT/company/57 -i
*
* @param id
* @return
*/
@DELETE
@Path("/{param}")
public Response delete(@PathParam("param") Integer id){
Object response = null;
String errMsg = null;
int responseStatus = -1;
try {
logger.debug("Deleting entity", id);
companyService.delete(id);
responseStatus = HttpStatus.SC_OK;
} catch (Exception e) {
errMsg = "Error Deleting Entity:" + id;
logger.error(errMsg, e);
response = errMsg;
responseStatus = HttpStatus.SC_METHOD_FAILURE;
}
return ResponseUtil.getAlteredResponse(response, errMsg, responseStatus, HttpMethod.DELETE);
}
/**
* Not working
* @return
*/
@OPTIONS
@Path("{path : .*}")
public Response options() {
return Response.ok("")
.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Headers", "origin, content-type, accept, authorization")
.header("Access-Control-Allow-Credentials", "true")
.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD")
.header("Access-Control-Max-Age", "1209600")
.build();
}
}//end Class
这是我的ResponseUtils类
package com.solarity.util;
import org.apache.http.HttpStatus;
import javax.ws.rs.core.Response;
public class ResponseUtil {
/**
*
Built to counter a Angular cross-reference problem
Adapted for Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:8080/dlssResteasy1-1.0-SNAPSHOT/person/getPersonsAsJSON. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
source answer https://stackoverflow.com/questions/23450494/how-to-enable-cross-domain-requests-on-jax-rs-web-services?answertab=votes#tab-top
More Documentation about CORS on https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
* @param param the object to send if errorMsg is null
* @param errorMsg if not null sends an error code with error Message
* @param responseStatus response status which can be found from HttpStatus.* (if <= 0 will be taken from errorMsg, or ok)
* @return an altered response which is customized
*/
public static Response getAlteredResponse( Object param, String errorMsg, int responseStatus, String httpMethod ) {
Response result = null;
int rStatus = responseStatus;
if (errorMsg != null && responseStatus <= 0) {
rStatus = HttpStatus.SC_UNPROCESSABLE_ENTITY;
} else if (errorMsg == null && responseStatus <= 0){
rStatus = HttpStatus.SC_OK;
}
if ( errorMsg == null ) {
result = Response
.status(rStatus)
.entity(param)
.build();
}else{
result = Response.status(rStatus)
.entity(errorMsg)
.build();
}
return result;
}
}
这是调试到FF的结果
3 个答案:
答案 0 :(得分:1)
- 观察OPTIONS请求和响应,并确保来自服务器的OPTION响应具有正确的信息。它告诉客户端服务器正在接受什么
- 稍后再查看真正的请求PUT GET POST等等,进入服务器。它是否具有所需的所有标头?
- 您无需创建和OPTIONS路由。请参见RFC https://www.w3.org/TR/cors/
在该线程中添加OPTIONS请求和响应的副本(不是您创建的副本,而是您正在使用的软件包中的副本,如果您没有使用软件包,则寻找其中一个),以查看问题所在配置。
还添加下一个POST,GET,PUT等请求和响应
答案 1 :(得分:0)
首先有一个documentation about CORS我必须读懂,我无法避免我希望的那样。
来自Angular的两次呼叫
我的问题的部分答案实际上是 Angular的两个电话。
我不知道每次在subscribe上对httpclient.put()的呼叫都完成了!
调用subscribe()方法将执行observable,即 发起DELETE请求。
所以我所做的是:
- 致电
methodResult = httpclient.put('someUrl', someData, someHeader).subscribe({ data => { console.log('added') }); - 在此方法的调用方上,再次使用
abovePutMethod.subscribe( data => { doSomeThingWithComponentRefresh })进行调用
因此,只需一个呼叫即可订阅解决了我的两次呼叫问题
对于CORS协议的其余部分
Angular客户端
//UrlHelper
public static putHttpRequestOptions = {
headers: new HttpHeaders({
'Content-Type': 'application/json',
})
};
//Function call somewhere
const result = this.httpClient.put(url, jsonStringValues, UrlHelper.putHttpRequestOptions);
Java Resteasy服务器
// InitApplication extends Application
public InitApplication() {
super();
webServiceClasses = new HashSet<>();
webServiceClasses.add(PersonRestService.class);
webServiceClasses.add(CompanyRestService.class);
singletons = new LinkedHashSet<>();
singletons.add(this.getCorsFilter());
}
private CorsFilter getCorsFilter() {
CorsFilter result = new CorsFilter();
result.getAllowedOrigins().add("*");
result.setAllowedMethods("OPTIONS, GET, POST, DELETE, PUT, PATCH");
result.setCorsMaxAge(86400);//Max in FF 86400=24h https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
//
return result;
}
// RestWebService
@PUT
@Path("/")
@Consumes(MediaType.APPLICATION_JSON)
public Response put(CompanyEntity entity ){
Object response = null;
String errMsg = null;
int responseStatus = -1;
try {
logger.debug("Received entity", entity);
companyService.persist(entity);
responseStatus = HttpStatus.SC_CREATED;
} catch (Exception e) {
errMsg = "Error adding Entity:" + entity;
logger.error(errMsg, e);
response = errMsg;
responseStatus = HttpStatus.SC_METHOD_FAILURE;
}
return ResponseUtil.getAlteredResponse(response, errMsg, responseStatus, HttpMethod.PUT);
}
// Called on result of all RestWebServices (I'm sure there are better/best practices, feel free to comment me this section)
/**
* @param param the object to send if errorMsg is null
* @param errorMsg if not null sends an error code with error Message
* @param responseStatus response status which can be found from HttpStatus.* (if <= 0 will be taken from errorMsg, or ok)
* @return an altered response which is customized
*/
public static Response getAlteredResponse( Object param, String errorMsg, int responseStatus, String httpMethod ) {
Response result = null;
int rStatus = responseStatus;
if (errorMsg != null && responseStatus <= 0) {
rStatus = HttpStatus.SC_UNPROCESSABLE_ENTITY;
} else if (errorMsg == null && responseStatus <= 0){
rStatus = HttpStatus.SC_OK;
}
String accessControlAllowMethods = "GET, POST, PUT, DELETE, OPTIONS, HEAD";
if ( errorMsg == null ) {
result = Response
.status(rStatus)
.header("Access-Control-Allow-Origin", "*") //TODO: fix permission here!
.header("Access-Control-Allow-Methods", accessControlAllowMethods)
.header("Access-Control-Max-Age", "1728000")
.entity(param)
.build();
}else{
result = Response.status(rStatus)
.header("Access-Control-Allow-Origin", "*") //TODO: fix permission here!
.header("Access-Control-Allow-Methods", accessControlAllowMethods)
.header("Access-Control-Max-Age", "1728000")
.entity(errorMsg)
.build();
}
return result;
}
答案 2 :(得分:0)
您可以在“网络”标签中使用Chrome DevTools查看流量
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?