我有使用角度6登录的用户服务是:
loginUser(user:any):Observable<any>{
const headers=new HttpHeaders({'Access-Control-Allow-Origin':'*'});
return this.http.post("http://localhost:8080/login",user,{headers:headers});
}
saveUser(user:any):Observable<any>{
const headers=new HttpHeaders({'Access-Control-Allow-Origin':'*'});
return this.http.post("http://localhost:8080/registration",user,{headers:headers});
}
我在春季启动中将所有选项启用为allowAll:
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.csrf().disable().exceptionHandling().authenticationEntryPoint(authenticationEntryPoint).and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests().
antMatchers("/**").permitAll()
.antMatchers("/registration").permitAll()
.antMatchers("/login").permitAll()
.antMatchers(HttpMethod.OPTIONS,"/**").permitAll()
.anyRequest().authenticated().and()
.formLogin()
.and()
.httpBasic();;
httpSecurity.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class)
.addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class);
httpSecurity.headers().cacheControl();
httpSecurity.headers().httpStrictTransportSecurity().includeSubDomains(true).maxAgeInSeconds(31536000);
}
当我尝试从设置了这些项目的计算机登录并注册时, 但是,当我使用IP地址(例如192.168.1.111:8080/login)从其他计算机访问本地主机时,它显示出第一个错误:
Failed to load http://localhost:8080/login: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.1.111:8090' is therefore not allowed access.
然后我在chrome中添加了允许的跨原点扩展名,它再次向我显示了这样的错误:
Response for preflight does not have HTTP ok status.
答案 0 :(得分:1)
httpSecurity.authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll()