跨域 Ajax 请求 WSO2 IS [英] Cross-Domain Ajax Requests WSO2 IS

问题描述

curl -v -X POST -H "Authorization: Basic <base64 encoded client id:client secret value>" -k -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token 

(来自 https://docs.wso2.com/display/IS520/Resource+Owner+Password+Credentials+Grant)

这个'curl'命令完美运行.但是当尝试通过ajax调用它时:

This 'curl' command works perfectly. But when try to call it through ajax:

  $.ajax({
      type: 'POST',
      data: 'grant_type=password&username=admin&password=admin',
      headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Authorization': 'Basic  Z0hLUlA3eThYTmJydl9JR1pJemxDQ1VJQlo0YTozT2VLaUlmUVViMk1yZzZ2YU5uQVFsWFpDU29h'
      },
      url: 'https://localhost:9443/oauth2/token',
      success: function(data) {
        console.log(data);
      }
    })
    };

我收到此错误:"XMLHttpRequest 无法加载 https://localhost:9443/oauth2/token.对预检请求的响应未通过访问控制检查:请求的资源上不存在Access-Control-Allow-Origin"标头.因此，不允许访问原点"."

如何配置 WSO2 IS 来处理它?或者有替代方案吗?

I got this error: "XMLHttpRequest cannot load https://localhost:9443/oauth2/token. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access."

How can I configure WSO2 IS to deal with it? Or is there an alternetive for this?

WSO2 API Manager(WSO2 API Manager CORS)存在类似问题.但是 WSO2 IS 中没有这样的目录 '/repository/deployment/server/synapse-configs/'.

There is a similar issue with WSO2 API Manager (WSO2 API Manager CORS). But there is no such directory '/repository/deployment/server/synapse-configs/' in WSO2 IS.

推荐答案

这是未在 Identity Server 上启用跨源资源共享 (CORS) 时的预期行为.事实上，您可以为 Identity Server 启用 CORS.检查 [1] 以了解如何操作.

This is the expected behaviour when cross origin resource sharing (CORS) is not enabled on Identity Server. In fact you can enable CORS for Identity Server. Check [1] on how to do it.

[1] http://hasanthipurnima.blogspot.com/2016/05/applying-cors-filter-to-wso2-identity.html

这篇关于跨域 Ajax 请求 WSO2 IS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！