• notice
  • Congratulations on the launch of the Sought Tech site

shiro+jwt cross-domain problem

public class JwtFilter extends BasicHttpAuthenticationFilter {
    /**
     * Cross-domain support
     * @param request
     * @param response
     * @return
     * @throws Exception
     */
    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
        httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin"));
        httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
        httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers"));
        // When cross-domain, an option request will be sent first, here we directly return to the normal state for the option request
        if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
            httpServletResponse.setStatus(HttpStatus.OK.value());
            return false;
        }
        return super.preHandle(request, response);
    }
}

The first problem is that the token that does not use the request header has a cross-domain problem, and then I turned on the global cross-domain

@Configuration
public class WebConfig extends WebMvcConfigurerAdapter {
     /**
      * Servlet-based global configuration
      * @param registry
      */
     @Override
     public void addCorsMappings(CorsRegistry registry) {
         System.out.println("Processing global cross-domain");
         registry.addMapping("/**")
             .allowedOrigins("*")
             .allowedMethods("POST","GET","PUT","DELETE")
             .maxAge(1800)
             .allowCredentials(true)
             .allowedHeaders("*")
             .exposedHeaders("L-TOKEN");
     }
}

But the method in jwtFilter will always have cross-domain problems.What is the situation? How to solve it? Look at the Internet and say that you can use the above, but I found that it doesn't work.


You can try it like this

@Configuration
public class GlobalCorsConfig {
    /**
     * Filters that allow cross-domain calls
     */
    @Bean
    public CorsFilter corsFilter() {
        CorsConfiguration config = new CorsConfiguration();
        //Allow all domain names to make cross-domain calls
        config.addAllowedOrigin("*");
        //Allow sending cookies across
        config.setAllowCredentials(true);
        //Release all original header information
        config.addAllowedHeader("*");
        //Allow all request methods to be called across domains
        config.addAllowedMethod("*");
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }
}
/**
     * Cross-domain support
     * @param request
     * @param response
     * @return
     * @throws Exception
     */
    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
        httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin"));
        httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
        httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers"));
        // When cross-domain, an option request will be sent first, here we directly return to the normal state for the option request
        if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
            httpServletResponse.setStatus(HttpStatus.OK.value());
            return false;
        }
        return super.preHandle(request, response);
    }


Tags

Technical otaku

Sought technology together

Related Topic

1 Comments

author

lipitor 40mg us & lt;a href="https://lipiws.top/"& gt;atorvastatin 20mg price& lt;/a& gt; where can i buy atorvastatin

Qpvfta

2024-03-07

Leave a Reply

+