1. 首页
  2. 问答
  3. 401当我尝试将我的角JS连接到Spring Boot

401当我尝试将我的角JS连接到Spring Boot

2017-01-11 30 views
0

我在webstorm上创建了一个客户端角度,并且我在Eclipse上有一个Spring Boot服务器。问题是,当我尝试打开会话我收到此错误信息:401当我尝试将我的角JS连接到Spring Boot

OPTIONS http://localhost:8080/allquestions 401() 
(anonymous) @ angular.js:12410 
p @ angular.js:12155 
(anonymous) @ angular.js:11908 
(anonymous) @ angular.js:16648 
$eval @ angular.js:17972 
$digest @ angular.js:17786 
$apply @ angular.js:18080 
(anonymous) @ angular.js:19924 
f @ angular.js:6111 
(anonymous) @ angular.js:6390 


XMLHttpRequest cannot load http://localhost:8080/allquestions. Response for preflight has invalid HTTP status code 401

的WebConfig

@EnableWebMvc 
@Configuration 
@ComponentScan 
public class WebConfig extends WebMvcConfigurerAdapter { 

public WebConfig() { 
    super(); 
} 

@Override 
public void addViewControllers(ViewControllerRegistry registry) { 
    registry.addViewController("/login").setViewName("login"); 
    registry.addViewController("/").setViewName("welcome"); 
    registry.addViewController("/welcome").setViewName("welcome"); 
    registry.addViewController("/exam").setViewName("exam"); 
    registry.addViewController("/report").setViewName("report"); 
    registry.addViewController("/error").setViewName("error"); 
    registry.addViewController("/editing").setViewName("editing"); 
} 

@Override 
public void addResourceHandlers(final ResourceHandlerRegistry registry) { 
    super.addResourceHandlers(registry); 
    registry.addResourceHandler("/images/**").addResourceLocations("/images/"); 
    registry.addResourceHandler("/css/**").addResourceLocations("/css/"); 
    registry.addResourceHandler("/js/**").addResourceLocations("/js/"); 
}

控制器的一部分:

@RestController 
public class HomeController { 

@Autowired 
private BusinessModel businessModel; 
private List<String> messages; 

private User currentUser; 

@PostConstruct 
public void init() { 
    messages = businessModel.getMessages(); 
} 

// Communicate informations to client 
private void sendOptions(HttpServletResponse response) { 
    if (businessModel.getCorsNeeded().booleanValue()) { 
     // Fix the header CORS 
     response.addHeader("Access-Control-Allow-Origin", "*"); 
     // Header Authorization 
     response.addHeader("Access-Control-Allow-Headers", "Authorization"); 
    } 
} 

// questions list via OPTIONS 
@RequestMapping(value = "/allquestions", method = RequestMethod.OPTIONS) 
public void getAllQuestions(HttpServletResponse response) { 
    sendOptions(response); 
}

的SecurityConfig:

@Configuration 
@EnableWebSecurity 
public class SecurityConfig extends WebSecurityConfigurerAdapter { 

@Autowired 
private UsersService usersService; 

@Override 
protected void configure(HttpSecurity http) throws Exception { 
    http.httpBasic(); 
    http.authorizeRequests().antMatchers("/login").permitAll().antMatchers("/**").hasRole("USER").and().formLogin() 
      .loginPage("/login").and().logout(); 
} 

@Override 
protected void configure(AuthenticationManagerBuilder auth) throws Exception { 
    auth.userDetailsService(usersService).passwordEncoder(new BCryptPasswordEncoder()); 
} 
}

我可以' t添加xml文件(限制我的工作环境)...

我完全被封锁,我需要你的帮助!

来源

2017-01-11 ReNaR

回答

0

适合每个人的解决方案!

您创建一个过滤器谁可以让排序:

公共类CorsFilter实现过滤器{

@Override 
    public void destroy() { 
    } 

    @Override 
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filter) 
      throws IOException, ServletException { 
     HttpServletResponse httpResponse = (HttpServletResponse) response; 
     httpResponse.setHeader("Access-Control-Allow-Origin", "*"); 
     httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE"); 
     httpResponse.setHeader("Access-Control-Max-Age", "3600"); 
     httpResponse.setHeader("Access-Control-Allow-Headers", "Authorization"); 
     filter.doFilter(request, response); 
    } 

    @Override 
    public void init(FilterConfig arg0) throws ServletException { 
    } 

}

可以看到,过滤器为您创建的所有头。最想要的:httpResponse.setHeader(“Access-Control-Allow-Origin”,“”*)

然后,你可以调用过滤器在SecurityConfig:

@EnableAutoConfiguration 
@EnableWebSecurity 
public class SecurityConfig extends WebSecurityConfigurerAdapter { 

    @Autowired 
    private UsersService usersService; 

    @Override 
    protected void configure(HttpSecurity http) throws Exception { 
     http.addFilterBefore(new CorsFilter(), ChannelProcessingFilter.class); 
     http.csrf().disable(); 
     http.httpBasic(); 
     http.authorizeRequests().antMatchers(HttpMethod.OPTIONS, "/", "/**").permitAll(); 
     http.authorizeRequests().antMatchers(HttpMethod.GET, "/", "/**").permitAll(); 
     //http.authorizeRequests().antMatchers("/login").permitAll().antMatchers("/**").hasRole("USER").and().formLogin().loginPage("/login").and().logout(); 
    } 

    @Override 
    protected void configure(AuthenticationManagerBuilder auth) throws Exception { 
     auth.userDetailsService(usersService).passwordEncoder(new BCryptPasswordEncoder()); 
    } 
}

在那里,你可以看到过滤器是正确的请求之前拨打电话:http.addFilterBefore(新CorsFilter(),ChannelProcessingFilter.class)

这是我找到的最好的解决方案,唯一适用于我的作品!我希望它能帮助你!

来源

2017-01-24 08:13:21 ReNaR

相关问题

 相关问题