springsecurity跨域问题

ec75ecf6 · zzrdark · 7435e5f3 · ec75ecf6 · ec75ecf6 · ec75ecf6
Commit ec75ecf6 authored Mar 06, 2020 by zzrdark
4 changed files
--- a/cneeds-server-datashow/src/main/java/com/mx/cneeds/server/datashow/config/OAuth2ResourceServer.java
+++ b/cneeds-server-datashow/src/main/java/com/mx/cneeds/server/datashow/config/OAuth2ResourceServer.java
@@ -26,7 +26,7 @@ public class OAuth2ResourceServer extends ResourceServerConfigurerAdapter {
                // 开启认证
                .anyRequest()
                .authenticated()
-                .and();
+                .and().cors().and().csrf().disable();


    }

--- a/cneeds-server-datashow/src/main/java/com/mx/cneeds/server/datashow/config/WebConfig.java
+++ b/cneeds-server-datashow/src/main/java/com/mx/cneeds/server/datashow/config/WebConfig.java
@@ -30,7 +30,7 @@ public class WebConfig implements WebMvcConfigurer {
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                .allowedOrigins("*")
-                .allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS","AUTHORIZATION")
+                .allowedMethods("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS")
                .allowCredentials(true)
                .maxAge(3600)
                .allowedHeaders("*");

--- a/cneeds-server-datashow/src/main/java/com/mx/cneeds/server/datashow/filter/CrossFilter.java
+++ b/cneeds-server-datashow/src/main/java/com/mx/cneeds/server/datashow/filter/CrossFilter.java
@@ -34,9 +34,8 @@ public class CrossFilter implements Filter {
        httpResponse.setHeader("Access-Control-Allow-Methods", "*");
        httpResponse.setHeader("Access-Control-Max-Age", "3600");
        httpResponse.setHeader("Access-Control-Allow-Headers",
-                "Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie, Authorization");
+                "Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie, Authorization，Access-Control-Allow-Origin");
        httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
-//        httpResponse.setHeader("Content-type", "application/json");
        httpResponse.setHeader("Cache-Control", "no-cache, must-revalidate");
        filterChain.doFilter(request, httpResponse);
    }

--- a/cneeds-server-datashow/src/main/java/com/mx/cneeds/server/datashow/web/user/UserController.java
+++ b/cneeds-server-datashow/src/main/java/com/mx/cneeds/server/datashow/web/user/UserController.java
@@ -4,12 +4,14 @@ import com.mx.cneeds.common.result.R;
 import com.mx.cneeds.common.vo.UserInfoVo;
 import com.mx.cneeds.server.datashow.client.AuthorizationClient;
 import com.mx.cneeds.common.dto.JwtToken;
+import com.netflix.client.http.HttpResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

+import javax.servlet.http.HttpServletResponse;
 import java.util.logging.Logger;

 /**
@@ -42,7 +44,7 @@ public class UserController {
    }

    @RequestMapping("/info")
-    public R getInfo(){
+    public R getInfo(HttpServletResponse response){
        UserInfoVo userInfoVo = new UserInfoVo();
        log.info("getInfo");
        userInfoVo.setName("admin");