带有嵌入式码头的跨源过滤器 [英] Cross Origin Filter with embedded Jetty
问题描述
我正在尝试让CrossOriginFilter与几个嵌入式Jetty服务器一起工作,它们都在我们的内部网络上运行.两者都在运行servlet,但是我需要服务器A的网页才能将其发布到服务器B的servlet.我想我需要将ACCESS_CONTROL_ALLOW_ORIGIN添加到CrossOriginFilter中,但是要找到如何使用没有web.xml的嵌入式Jetty实例来做到这一点并不容易.尝试访问服务器b的伺服器时,我在浏览器中收到以下错误消息
I'm trying to get a CrossOriginFilter working with a couple of embedded Jetty servers, both running on our internal network. Both are running servlets, but I need server A's web page to be able to post to server B's servlets. I think I need to add ACCESS_CONTROL_ALLOW_ORIGIN to a CrossOriginFilter but finding out how to do this with an embedded Jetty instance with no web.xml isn't proving to be easy. I get the following error message in the browser when trying to access server b's serlvets
No 'Access-Control-Allow-Origin' header is present on the requested resource
我正在使用angularjs在控制器中发布到其他服务器的servlet.
Im using angularjs to post to the other server's servlets in a controller.
这是其中一台服务器的代码(两者几乎相同)
And here is the code for one of the servers (both are pretty much the same)
Server server = new Server(httpPort);
ResourceHandler resource_handler = new ResourceHandler();
resource_handler.setDirectoriesListed(true);
resource_handler.setWelcomeFiles(new String[] { "index.html" });
resource_handler.setResourceBase("./http/");
ServletHandler handler = new ServletHandler();
handler.addServletWithMapping(ServerPageRoot.class, "/servlet/*");
FilterHolder holder = new FilterHolder(CrossOriginFilter.class);
holder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*");
holder.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "*");
holder.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,POST,HEAD");
holder.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, "X-Requested-With,Content-Type,Accept,Origin");
handler.addFilter(holder );
HandlerList handlers = new HandlerList();
handlers.setHandlers(new Handler[] { resource_handler, handler,new DefaultHandler() });
server.setHandler(handlers);
server.start();
推荐答案
几点:
- 请勿像这样裸体使用
ServletHandler
.ServletHandler
是ServletContextHandler
使用的内部类. -
ServletContextHandler
为所使用的各种servlet和过滤器提供所需的ServletContext
对象和状态. -
ServletContextHandler
还为整个上下文路径声明提供了一个地方 -
ServletContextHandler
也是欢迎文件声明的地方. - 不要使用
ResourceHandler
,当您有DefaultServlet
可用时,它的功能和功能会更加丰富.
- Don't use
ServletHandler
naked like that. TheServletHandler
is an internal class thatServletContextHandler
uses. - The
ServletContextHandler
is what provides the neededServletContext
object and state for the various servlets and filters you are using. - The
ServletContextHandler
also provides a place for the overall Context Path declaration - The
ServletContextHandler
is also the place for Welcome Files declaration. - Don't use
ResourceHandler
, when you haveDefaultServlet
available, its far more capable and feature rich.
示例:
Server server = new Server(httpPort);
// Setup the context for servlets
ServletContextHandler context = new ServletContextHandler();
// Set the context for all filters and servlets
// Required for the internal servlet & filter ServletContext to be sane
context.setContextPath("/");
// The servlet context is what holds the welcome list
// (not the ResourceHandler or DefaultServlet)
context.setWelcomeFiles(new String[] { "index.html" });
// Add a servlet
context.addServlet(ServerPageRoot.class,"/servlet/*");
// Add the filter, and then use the provided FilterHolder to configure it
FilterHolder cors = context.addFilter(CrossOriginFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
cors.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*");
cors.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "*");
cors.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,POST,HEAD");
cors.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, "X-Requested-With,Content-Type,Accept,Origin");
// Use a DefaultServlet to serve static files.
// Alternate Holder technique, prepare then add.
// DefaultServlet should be named 'default'
ServletHolder def = new ServletHolder("default", DefaultServlet.class);
def.setInitParameter("resourceBase","./http/");
def.setInitParameter("dirAllowed","false");
context.addServlet(def,"/");
// Create the server level handler list.
HandlerList handlers = new HandlerList();
// Make sure DefaultHandler is last (for error handling reasons)
handlers.setHandlers(new Handler[] { context, new DefaultHandler() });
server.setHandler(handlers);
server.start();
这篇关于带有嵌入式码头的跨源过滤器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!