Spring Boot-预检响应没有HTTP正常状态 [英] Spring boot - Response for preflight does not have HTTP ok status
问题描述
我正在使用Angular 5制作网络,每次尝试执行GET请求时都会遇到此错误.我在这里读了成千上万的答案,但没有一个对我有用.
I am making a web with Angular 5 and I am getting this error every time I try to do a GET request. I've read tons of tons of answers here and none of them working for me.
正如我所阅读的,这是因为我正在向此请求添加自定义标头,因为我使用的是Spring Security,因此我认为是造成问题的原因,因此需要完成此操作.这是我目前的Spring Security配置,我是通过阅读问题而制成的,但仍无法正常工作,我不知道自己是否在做错事情:
As I've read it's because I am adding custom headers to this request which needs to be done because I am using Spring Security which I think is causing the problem. This is my current Spring Security config which I've made out of reading questions but still not working, I don't know if I am doing something wrong in it:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.Arrays;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.cors()
.and()
.authorizeRequests().anyRequest().permitAll()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.csrf().disable();
}
@Override
public void configure(WebSecurity web ) throws Exception
{
web.ignoring().antMatchers( HttpMethod.OPTIONS, "/**" );
}
@Bean
CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("*"));
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
configuration.setAllowedHeaders(Arrays.asList("authorization", "content-type", "x-auth-token"));
configuration.setExposedHeaders(Arrays.asList("x-auth-token"));
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
}
希望您能对此有所帮助,因为我为此一直苦苦挣扎了几天.我认为这里的问题很明显是CORS,我的GET请求被转换为自定义headers和Spring Security的一个OPTIONS bec.
Hope you can give a hand on this bec I've been struggling for a few days with this. I think obviously the problem here is CORS, my GET request being converted to an OPTIONS one bec of the custom headers and Spring Security.
我还要提及我正在将Spring Boot与Jersey一起使用.
Also I'd like to mention that I am using Spring Boot with Jersey.
谢谢.
推荐答案
我能够解决此问题:
我的WebMvcConfiguration:
@Configuration
@EnableWebMvc
public class WebConfiguration extends WebMvcConfigurationSupport {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/**");
}
}
我的安全配置:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().disable()
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
.anyRequest()
.fullyAuthenticated()
.and()
.httpBasic()
.and()
.csrf().disable();
}
这篇关于Spring Boot-预检响应没有HTTP正常状态的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
