已被CORS政策禁止:对预检请求的响应未通过

时间:2019-07-09 06:12:04

标签: java spring spring-boot authentication angular7

我已经使用angular和springboot创建了一个应用程序,用于通过Spring安全性进行基本身份验证,但是我遇到了401错误..i是springboot的新手

@Configuration
@EnableWebSecurity
public class SpringSecurityConfigurationBasicAuth extends WebSecurityConfigurerAdapter{ 

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .authorizeRequests()
            .antMatchers(HttpMethod.OPTIONS,"/**").permitAll()
                .anyRequest().authenticated()
                .and()
            //.formLogin().and()
            .httpBasic();
    }
}
  

“从原点“ http://localhost:8080/hello-world/path-variable/MSD”对“ http://localhost:4200”处XMLHttpRequest的访问已被CORS策略阻止:对预检请求的响应未通过访问控制检查:它没有HTTP正常状态。”

2 个答案:

答案 0 :(得分:0)

我也通过添加以下配置解决了angulat7和spring boot的相同问题

 @Configuration
    public class SpringDataRestConfiguration extends RepositoryRestConfigurerAdapter {

        @Override
        public void configureRepositoryRestConfiguration(RepositoryRestConfiguration config) {

        config.getCorsRegistry().addMapping("/**").allowedOrigins("*").allowedHeaders("*").allowedMethods("GET", "POST", "PATCH", "PUT", "DELETE");
        }

    }

答案 1 :(得分:0)

您可以尝试以下方法 在controller的顶部,您可以添加@CrossOrigin(origins = "*", allowedHeaders = "*")或根据需要自定义

...
@CrossOrigin(origins = "*", allowedHeaders = "*")
@RestController
public class UserController {
    // Methods
}
...

请尝试上述解决方案,让我知道这是否无效

编辑1: 您也可以尝试使用CORS选项创建过滤器:

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

@Component
@Order(1)
public class SimpleCORSFilter implements Filter {

    private final Logger log = LoggerFactory.getLogger(SimpleCORSFilter.class);

    public SimpleCORSFilter() {
        log.info("SimpleCORSFilter init");
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {

        // HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");

        chain.doFilter(req, res);
    }

    @Override
    public void init(FilterConfig filterConfig) {
    }

    @Override
    public void destroy() {
    }

}

请尝试使用filters方法,并让我知道它是否无效

相关问题
最新问题