如何在CRXDE Lite / AEM中启用CORS [英] How to Enable CORS in CRXDE Lite/AEM
问题描述
我们使用CRX DE lite / Adobe EM作为我们的Angularjs SPA UI / frontend的后端。如何为这个后端技术设置CORS?我们可以访问此工具 http:// localhost:4502 / crx / de / index.jsp 更改设置。但我们不知道如何设置CORS启用。
We use CRX DE lite/Adobe EM as our backend for our Angularjs SPA UI/frontend. How can we set CORS for this backend technology? We have access to the tool http://localhost:4502/crx/de/index.jsp to change settings. But we are not sure how to set CORS enabled.
请咨询。
推荐答案
有两个OSGi服务值得关注(虽然我从来没有试图得到它们)
There are two OSGi services worth looking at (although I never tried to get them)
- com.adobe.cq.social .commons.cors.CORSAuthInfoPostProcessor
- com.adobe.cq.social.commons.cors.CORSAuthenticationFilter
我所做的(首先)是创建一个实现 AuthenticationInfoPostProcessor 的服务。在此,我设置了以下标题:
What I wound up doing (at first) was creating a service that implemented AuthenticationInfoPostProcessor. There, I set the following headers:
- 访问控制允许凭证
- 控制 - 允许原因
- 访问控制 - 允许方法
用于GET请求。但是当我们尝试POST时,我们碰到了浏览器发送的飞行前OPTIONS请求失败的问题,因为浏览器不是使用 login-token cookie 。
And everything was fine for GET requests. But when we tried POST, we ran into the issue that the browser was sending the pre-flight OPTIONS request which was failing because the browser was not doing it with login-token cookie.
然后我们尝试了一个 @SlingFiter ,但是落在正常的sling管道中,
Then we tried a @SlingFiter, however that falls in the normal sling pipeline, therefore it was after authentication was checked, so having no auth cookie, the pre-flight would always fail.
最后,我们实现了一个带有以下注释的过滤器:
Finally, we implemented a filter with the following annotations:
@Component(immediate = true)
@Service(value = Filter.class)
@Properties({ @Property(name = "pattern",
value = "/.*"),
@Property(name = Constants.SERVICE_RANKING,
intValue = 1000) })
这里的关键是模式属性,它将过滤器注册为Apache Felix Whiteboard过滤器,不是Sling。 请参阅此处。因此,过滤器会为OPTIONS设置CORS头并返回,并为其他所有内容设置CORS头,并将请求传递给链中的下一个过滤器。
The key here was the pattern property, which registers the filter as an Apache Felix Whiteboard filter, not Sling. See here. So the filter will set CORS headers for OPTIONS and return, and set CORS headers for everything else, and pass the request to the next filter in the chain.
这篇关于如何在CRXDE Lite / AEM中启用CORS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
