shiro+jwt cross-domain problem
public class JwtFilter extends BasicHttpAuthenticationFilter { /** * Cross-domain support * @param request * @param response * @return * @throws Exception */ @Override protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception { HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletResponse httpServletResponse = (HttpServletResponse) response; httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin")); httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE"); httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers")); // When cross-domain, an option request will be sent first, here we directly return to the normal state for the option request if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) { httpServletResponse.setStatus(HttpStatus.OK.value()); return false; } return super.preHandle(request, response); } }
The first problem is that the token that does not use the request header has a cross-domain problem, and then I turned on the global cross-domain
@Configuration public class WebConfig extends WebMvcConfigurerAdapter { /** * Servlet-based global configuration * @param registry */ @Override public void addCorsMappings(CorsRegistry registry) { System.out.println("Processing global cross-domain"); registry.addMapping("/**") .allowedOrigins("*") .allowedMethods("POST","GET","PUT","DELETE") .maxAge(1800) .allowCredentials(true) .allowedHeaders("*") .exposedHeaders("L-TOKEN"); } }
But the method in jwtFilter will always have cross-domain problems.What is the situation? How to solve it? Look at the Internet and say that you can use the above, but I found that it doesn't work.
You can try it like this
@Configuration public class GlobalCorsConfig { /** * Filters that allow cross-domain calls */ @Bean public CorsFilter corsFilter() { CorsConfiguration config = new CorsConfiguration(); //Allow all domain names to make cross-domain calls config.addAllowedOrigin("*"); //Allow sending cookies across config.setAllowCredentials(true); //Release all original header information config.addAllowedHeader("*"); //Allow all request methods to be called across domains config.addAllowedMethod("*"); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); } } /** * Cross-domain support * @param request * @param response * @return * @throws Exception */ @Override protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception { HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletResponse httpServletResponse = (HttpServletResponse) response; httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin")); httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE"); httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers")); // When cross-domain, an option request will be sent first, here we directly return to the normal state for the option request if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) { httpServletResponse.setStatus(HttpStatus.OK.value()); return false; } return super.preHandle(request, response); }
lipitor 40mg us & lt;a href="https://lipiws.top/"& gt;atorvastatin 20mg price& lt;/a& gt; where can i buy atorvastatin
Qpvfta
2024-03-07