问题:
JWT用Spring靴连接角时CORS误差
程胤运
这是我每次登录(对服务器进行后调用)时在浏览器控制台中得到的错误
我试图使用REST连接angular和spring boot,以实现JWT身份验证和授权。
这是我的Angular服务,它对spring boot进行登录调用(http://localhost:8080/login),这是spring boot用spring-starter-security提供的默认/login页面(*我认为*)
export class JwtService {
constructor(private _http: HttpClient) {
}
submitData(credential){
credential = JSON.stringify(credential);
let reqHeader = new HttpHeaders();
return this._http.post("http://localhost:8080/login",credential);
}
}
@EnableWebSecurity
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter
implements WebMvcConfigurer{
private CustomAdminUserDetailService adminUserService;
private AdminDao adminDao;
public SecurityConfiguration(CustomAdminUserDetailService adminUserService, AdminDao adminDao) {
super();
this.adminUserService = adminUserService;
this.adminDao = adminDao;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.addFilter(new JwtAuthenticationFilter(authenticationManager()))
.addFilter(new JwtAuthorizationFilter(authenticationManager(), this.adminDao))
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests().antMatchers("/login").permitAll()
.antMatchers("/home").hasRole("ADMIN");
}
@Bean
DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
daoAuthenticationProvider.setUserDetailsService(adminUserService);
daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
return daoAuthenticationProvider;
}
@Bean
PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("*").allowedMethods("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")
.allowedHeaders("*")
.allowedOrigins("http://localhost:4200/");
WebMvcConfigurer.super.addCorsMappings(registry);
}
我还尝试在请求中包含allov-cross-origin标头,作为
export class JwtService {
constructor(private _http: HttpClient) {
}
submitData(credential){
credential = JSON.stringify(credential);
let reqHeader = new HttpHeaders();
reqHeader.set('Access-Control-Allow-Origin','*');
return this._http.post("http://localhost:8080/login",credential,{headers:reqHeader});
}
}
这是我的/home的restcontroller(我没有包括/login,因为spring boot默认情况下给它的是“我可能是错的,因为我不确定”)
@RestController
@CrossOrigin(origins = "http://localhost:4200")
public class AdminController {
@GetMapping("/home")
public String welcome() {
return "Hello world";
}
}
我尝试使用spring boot进行调试,
2020-03-21 21:41:14.087[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.cluster [0;39m [2m:[0;39m Checking status of clustertest-shard-00-01-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:14.087[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.protocol.command [0;39m [2m:[0;39m Sending command '{"ismaster": 1, "$db": "admin", "$clusterTime": {"clusterTime": {"$timestamp": {"t": 1584807064, "i": 1}}, "signature": {"hash": {"$binary": {"base64": "Qwv788i1WPfmVGkKUUq6jwsgR2U=", "subType": "00"}}, "keyId": 6803351677173760002}}}' with request id 284 to database admin on connection [connectionId{localValue:6, serverValue:139947}] to server clustertest-shard-00-01-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:14.350[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.protocol.command [0;39m [2m:[0;39m Execution of command with request id 284 completed successfully in 262.49 ms on connection [connectionId{localValue:6, serverValue:139947}] to server clustertest-shard-00-01-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:14.351[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.cluster [0;39m [2m:[0;39m Updating cluster description to {type=REPLICA_SET, servers=[{address=clustertest-shard-00-00-rmt6q.mongodb.net:27017, type=REPLICA_SET_SECONDARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=336.3 ms, state=CONNECTED}, {address=clustertest-shard-00-01-rmt6q.mongodb.net:27017, type=REPLICA_SET_SECONDARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=303.9 ms, state=CONNECTED}, {address=clustertest-shard-00-02-rmt6q.mongodb.net:27017, type=REPLICA_SET_PRIMARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=335.4 ms, state=CONNECTED}]
[2m2020-03-21 21:41:14.784[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.cluster [0;39m [2m:[0;39m Checking status of clustertest-shard-00-02-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:14.784[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.protocol.command [0;39m [2m:[0;39m Sending command '{"ismaster": 1, "$db": "admin", "$clusterTime": {"clusterTime": {"$timestamp": {"t": 1584807064, "i": 1}}, "signature": {"hash": {"$binary": {"base64": "Qwv788i1WPfmVGkKUUq6jwsgR2U=", "subType": "00"}}, "keyId": 6803351677173760002}}}' with request id 285 to database admin on connection [connectionId{localValue:7, serverValue:157822}] to server clustertest-shard-00-02-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:14.786[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.cluster [0;39m [2m:[0;39m Checking status of clustertest-shard-00-00-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:14.786[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.protocol.command [0;39m [2m:[0;39m Sending command '{"ismaster": 1, "$db": "admin", "$clusterTime": {"clusterTime": {"$timestamp": {"t": 1584807064, "i": 1}}, "signature": {"hash": {"$binary": {"base64": "Qwv788i1WPfmVGkKUUq6jwsgR2U=", "subType": "00"}}, "keyId": 6803351677173760002}}}' with request id 286 to database admin on connection [connectionId{localValue:5, serverValue:145988}] to server clustertest-shard-00-00-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:15.135[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.protocol.command [0;39m [2m:[0;39m Execution of command with request id 285 completed successfully in 351.23 ms on connection [connectionId{localValue:7, serverValue:157822}] to server clustertest-shard-00-02-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:15.136[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.protocol.command [0;39m [2m:[0;39m Execution of command with request id 286 completed successfully in 349.71 ms on connection [connectionId{localValue:5, serverValue:145988}] to server clustertest-shard-00-00-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:15.136[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.cluster [0;39m [2m:[0;39m Updating cluster description to {type=REPLICA_SET, servers=[{address=clustertest-shard-00-00-rmt6q.mongodb.net:27017, type=REPLICA_SET_SECONDARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=336.3 ms, state=CONNECTED}, {address=clustertest-shard-00-01-rmt6q.mongodb.net:27017, type=REPLICA_SET_SECONDARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=303.9 ms, state=CONNECTED}, {address=clustertest-shard-00-02-rmt6q.mongodb.net:27017, type=REPLICA_SET_PRIMARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=338.7 ms, state=CONNECTED}]
[2m2020-03-21 21:41:15.136[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[ngodb.net:27017][0;39m [36morg.mongodb.driver.cluster [0;39m [2m:[0;39m Updating cluster description to {type=REPLICA_SET, servers=[{address=clustertest-shard-00-00-rmt6q.mongodb.net:27017, type=REPLICA_SET_SECONDARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=339.1 ms, state=CONNECTED}, {address=clustertest-shard-00-01-rmt6q.mongodb.net:27017, type=REPLICA_SET_SECONDARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=303.9 ms, state=CONNECTED}, {address=clustertest-shard-00-02-rmt6q.mongodb.net:27017, type=REPLICA_SET_PRIMARY, TagSet{[Tag{name='nodeType', value='ELECTABLE'}, Tag{name='provider', value='AWS'}, Tag{name='region', value='US_EAST_1'}]}, roundTripTime=338.7 ms, state=CONNECTED}]
[2m2020-03-21 21:41:17.794[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[o-8080-Acceptor][0;39m [36mo.apache.tomcat.util.threads.LimitLatch [0;39m [2m:[0;39m Counting up[http-nio-8080-Acceptor] latch=1
[2m2020-03-21 21:41:17.795[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.a.tomcat.util.net.SocketWrapperBase [0;39m [2m:[0;39m Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@4050f960:org.apache.tomcat.util.net.NioChannel@22fe2d9:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:56785]], Read from buffer: [0]
[2m2020-03-21 21:41:17.795[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36morg.apache.tomcat.util.net.NioEndpoint [0;39m [2m:[0;39m Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@4050f960:org.apache.tomcat.util.net.NioChannel@22fe2d9:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:56785]], Read direct from socket: [544]
[2m2020-03-21 21:41:17.795[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.a.coyote.http11.Http11InputBuffer [0;39m [2m:[0;39m Received [POST /login HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Content-Length: 39
Accept: application/json, text/plain, */*
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Content-Type: text/plain
Origin: http://localhost:4200
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: http://localhost:4200/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
{"username":"nachu","password":"nachu"}]
[2m2020-03-21 21:41:17.796[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.a.c.authenticator.AuthenticatorBase [0;39m [2m:[0;39m Security checking request POST /login
[2m2020-03-21 21:41:17.797[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36morg.apache.catalina.realm.RealmBase [0;39m [2m:[0;39m No applicable constraints defined
[2m2020-03-21 21:41:17.797[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.a.c.authenticator.AuthenticatorBase [0;39m [2m:[0;39m Not subject to any constraint
[2m2020-03-21 21:41:17.797[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.security.web.FilterChainProxy [0;39m [2m:[0;39m /login at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.security.web.FilterChainProxy [0;39m [2m:[0;39m /login at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.security.web.FilterChainProxy [0;39m [2m:[0;39m /login at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.security.web.FilterChainProxy [0;39m [2m:[0;39m /login at position 4 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.web.util.matcher.OrRequestMatcher [0;39m [2m:[0;39m Trying to match using Ant [pattern='/logout', GET]
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.w.u.matcher.AntPathRequestMatcher [0;39m [2m:[0;39m Request 'POST /login' doesn't match 'GET /logout'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.web.util.matcher.OrRequestMatcher [0;39m [2m:[0;39m Trying to match using Ant [pattern='/logout', POST]
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.w.u.matcher.AntPathRequestMatcher [0;39m [2m:[0;39m Checking match of request : '/login'; against '/logout'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.web.util.matcher.OrRequestMatcher [0;39m [2m:[0;39m Trying to match using Ant [pattern='/logout', PUT]
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.w.u.matcher.AntPathRequestMatcher [0;39m [2m:[0;39m Request 'POST /login' doesn't match 'PUT /logout'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.web.util.matcher.OrRequestMatcher [0;39m [2m:[0;39m Trying to match using Ant [pattern='/logout', DELETE]
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.w.u.matcher.AntPathRequestMatcher [0;39m [2m:[0;39m Request 'POST /login' doesn't match 'DELETE /logout'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.web.util.matcher.OrRequestMatcher [0;39m [2m:[0;39m No matches found
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.security.web.FilterChainProxy [0;39m [2m:[0;39m /login at position 5 of 12 in additional filter chain; firing Filter: 'JwtAuthenticationFilter'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.w.u.matcher.AntPathRequestMatcher [0;39m [2m:[0;39m Checking match of request : '/login'; against '/login'
[2m2020-03-21 21:41:17.798[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mc.n.p.util.JwtAuthenticationFilter [0;39m [2m:[0;39m Request is to process authentication
in attempt authentication
spring boot generating token to authenticate authentication
[2m2020-03-21 21:41:17.802[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.authentication.ProviderManager [0;39m [2m:[0;39m Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
[2m2020-03-21 21:41:17.802[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.d.m.r.query.StringBasedMongoQuery [0;39m [2m:[0;39m Created query Document{{username=nachu}} for Document{{}} fields.
[2m2020-03-21 21:41:17.803[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.data.mongodb.core.MongoTemplate [0;39m [2m:[0;39m find using query: { "username" : "nachu"} fields: Document{{}} for class: class com.nachu.project.repository.AdminUser in collection: admin_user
[2m2020-03-21 21:41:17.805[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36morg.mongodb.driver.protocol.command [0;39m [2m:[0;39m Sending command '{"find": "admin_user", "filter": {"username": "nachu"}, "limit": 2, "$db": "school", "$clusterTime": {"clusterTime": {"$timestamp": {"t": 1584807074, "i": 1}}, "signature": {"hash": {"$binary": {"base64": "Mb5v7hdn1UfUpwhsk+1/C1JJTi8=", "subType": "00"}}, "keyId": 6803351677173760002}}, "lsid": {"id": {"$binary": {"base64": "9QYFHA01TUyDwe0kXrY5DQ==", "subType": "04"}}}}' with request id 287 to database school on connection [connectionId{localValue:8, serverValue:150674}] to server clustertest-shard-00-02-rmt6q.mongodb.net:27017
[2m2020-03-21 21:41:18.079[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36morg.mongodb.driver.protocol.command [0;39m [2m:[0;39m Execution of command with request id 287 completed successfully in 273.69 ms on connection [connectionId{localValue:8, serverValue:150674}] to server clustertest-shard-00-02-rmt6q.mongodb.net:27017
User role is : [ADMIN]
spring boot successfully authentication the user
generating jwt token
sending response to the user
[2m2020-03-21 21:41:18.441[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.s.s.w.header.writers.HstsHeaderWriter [0;39m [2m:[0;39m Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@22d45307
[2m2020-03-21 21:41:18.441[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36ms.s.w.c.SecurityContextPersistenceFilter[0;39m [2m:[0;39m SecurityContextHolder now cleared, as request processing completed
[2m2020-03-21 21:41:18.442[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.a.tomcat.util.net.SocketWrapperBase [0;39m [2m:[0;39m Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@4050f960:org.apache.tomcat.util.net.NioChannel@22fe2d9:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:56785]], Read from buffer: [0]
[2m2020-03-21 21:41:18.442[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36morg.apache.tomcat.util.net.NioEndpoint [0;39m [2m:[0;39m Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@4050f960:org.apache.tomcat.util.net.NioChannel@22fe2d9:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:56785]], Read direct from socket: [0]
[2m2020-03-21 21:41:18.443[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36mo.apache.coyote.http11.Http11Processor [0;39m [2m:[0;39m Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@4050f960:org.apache.tomcat.util.net.NioChannel@22fe2d9:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:56785]], Status in: [OPEN_READ], State out: [OPEN]
[2m2020-03-21 21:41:18.444[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[nio-8080-exec-3][0;39m [36morg.apache.tomcat.util.net.NioEndpoint [0;39m [2m:[0;39m Registered read interest for [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@4050f960:org.apache.tomcat.util.net.NioChannel@22fe2d9:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:56785]]
[2m2020-03-21 21:41:22.323[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(4)-127.0.0.1][0;39m [36msun.rmi.transport.tcp [0;39m [2m:[0;39m RMI TCP Connection(4)-127.0.0.1: accepted socket from [127.0.0.1:56788]
[2m2020-03-21 21:41:22.323[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(4)-127.0.0.1][0;39m [36msun.rmi.transport.tcp [0;39m [2m:[0;39m RMI TCP Connection(4)-127.0.0.1: (port 56134) op = 80
[2m2020-03-21 21:41:22.334[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.transport.tcp [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: accepted socket from [127.0.0.1:56790]
[2m2020-03-21 21:41:22.339[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.transport.tcp [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: (port 56135) op = 80
[2m2020-03-21 21:41:22.339[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.loader [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: name = "[Ljava.rmi.server.ObjID;", codebase = "", defaultLoader = sun.misc.Launcher$ExtClassLoader@25a78f17
[2m2020-03-21 21:41:22.339[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.loader [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: name = "java.rmi.server.ObjID", codebase = "", defaultLoader = sun.misc.Launcher$ExtClassLoader@25a78f17
[2m2020-03-21 21:41:22.339[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.loader [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: name = "java.rmi.server.UID", codebase = "", defaultLoader = sun.misc.Launcher$ExtClassLoader@25a78f17
[2m2020-03-21 21:41:22.340[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.loader [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: name = "java.rmi.dgc.Lease", codebase = "", defaultLoader = sun.misc.Launcher$ExtClassLoader@25a78f17
[2m2020-03-21 21:41:22.340[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.loader [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: name = "java.rmi.dgc.VMID", codebase = "", defaultLoader = sun.misc.Launcher$ExtClassLoader@25a78f17
[2m2020-03-21 21:41:22.340[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.loader [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: name = "[B", codebase = "", defaultLoader = sun.misc.Launcher$ExtClassLoader@25a78f17
[2m2020-03-21 21:41:22.341[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(4)-127.0.0.1][0;39m [36msun.rmi.transport.tcp [0;39m [2m:[0;39m RMI TCP Connection(4)-127.0.0.1: (port 56134) op = 82
[2m2020-03-21 21:41:22.341[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(4)-127.0.0.1][0;39m [36msun.rmi.transport.tcp [0;39m [2m:[0;39m RMI TCP Connection(4)-127.0.0.1: (port 56134) op = 84
[2m2020-03-21 21:41:22.342[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.transport.tcp [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: (port 56135) op = 80
[2m2020-03-21 21:41:22.346[0;39m [32mDEBUG[0;39m [35m10132[0;39m [2m---[0;39m [2m[on(5)-127.0.0.1][0;39m [36msun.rmi.transport.tcp [0;39m [2m:[0;39m RMI TCP Connection(5)-127.0.0.1: (port 56135) op = 80
public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter{
private AuthenticationManager authenticationManager;
public JwtAuthenticationFilter(AuthenticationManager authenticationManager) {
// super();
System.out.println("in constructor");
this.authenticationManager = authenticationManager;
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException {
System.out.println("in attempt authentication");
LoginViewModel credentials = null;
try {
credentials = new ObjectMapper().readValue(request.getInputStream(), LoginViewModel.class);
} catch (JsonParseException e) {
System.out.println("in json parse");
e.printStackTrace();
} catch (JsonMappingException e) {
System.out.println("in json map");
e.printStackTrace();
} catch (IOException e) {
System.out.println("in io exception");
e.printStackTrace();
}
System.out.println("spring boot generating token to authenticate authentication");
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
credentials.getUsername(),
credentials.getPassword(),
new ArrayList<>());
Authentication auth = authenticationManager.authenticate(token);
return auth;
}
@Override
protected void successfulAuthentication(
HttpServletRequest request,
HttpServletResponse response,
FilterChain chain,
Authentication authResult) throws IOException, ServletException {
System.out.println("spring boot successfully authentication the user");
System.out.println("generating jwt token");
User user = (User) authResult.getPrincipal();
String token = JWT.create()
.withSubject(user.getUsername())
.withExpiresAt(new Date(System.currentTimeMillis()+ 1000 * 60 * 60 * 1))
.sign(Algorithm.HMAC512("adhfjhewr******fk23"));
response.addHeader("Authorization", "Bearer "+token);
System.out.println("sending response to the user");
}
POST /login HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Content-Length: 39
Accept: application/json, text/plain, */*
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Content-Type: text/plain
Origin: http://localhost:4200
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Referer: http://localhost:4200/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
共有1个答案
邢浩邈
您应该在后端启用cors。Angular应用程序位于http://localhost:4200,浏览器拒绝向另一个域发出请求(在本例中为http://localhost:8080)。
有关CORS的详细信息。
因此,您应该在后端应用程序上列出前端url。
通过在应用程序类中添加一些行,您可以轻松地使用Spring Boot实现这一点:
@SpringBootApplication
public class Application implements WebMvcConfigurer {
...
/**
* CORS configuration
*/
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins(
"http://localhost:4200"
)
.allowedMethods(
"GET",
"PUT",
"POST",
"DELETE",
"PATCH",
"OPTIONS"
);
}
...
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and()...
}
}
类似资料:
-
我在我的Spring Boot应用程序中使用JWT。当我试图从Angular 6客户端登录时,我得到了CORS错误 我尝试为添加标题,甚至尝试使用一些chrome扩展,但仍然无法绕过CORS。我可以使用Postman访问登录API,并获得令牌。 Spring引导类 下面是我如何发出post请求来登录,这给了我一个错误 还有Angular中的接口
-
我在下面的链接中添加了过滤器作为问题的答案 Spring Boot Data Rest+CORS不能正确启用选项/删除
-
我试图从一个应用程序(spring-boot应用程序)调用另一个应用程序(angularjs)上的RESTendpoint。应用程序正在下列主机和端口上运行。 REST应用程序,使用Spring Boot, HTML应用程序,使用angularjs, 处理程序所做的只是根据用户是否登录、身份验证失败或注销,写出类似的JSON响应。如下所示。 对我错过了什么或者做错了什么有什么想法吗?
-
我有一个在8888端口上运行的Spring Boot后端应用程序和一个在4200端口上运行的Angular前端应用程序。 在我的Spring Boot应用程序中,我定义了以下bean来处理CORS: 我的配置如下所示: 通过这种配置,一切正常,我可以从Angular应用程序成功调用我的API。 但我想启用CSRF,所以我将安全配置更改为: 我在Angular应用程序中添加了以下: 问题是始终返回。
-
我正在使用Angular 2,并试图在get方法上发送一个标头参数。我有以下代码: 我得到这个错误: 我也添加了这些参数,但我得到了相同的错误: 谁能告诉我什么是正确的方式发送头参数。非常感谢:) URL“http://localhost:8080/users”来自spring boot web app(它是一个REST服务)。我正试图将angular应用程序与spring boot应用程序进行交
-
我有一个Spring Boot项目,使用Jersey作为我的REST服务,并使用AngularJS进行我的前端开发。当我在不使用任何控制器的情况下运行它并转到index.html(位于resource/statig/index.html中)时,它运行得很好。当我添加一个控制器时,它呈现给出字符串“index.html”作为输出。Spring Boot配置: 球衣配置: 控制器类:
-
我正在使用keycloak来保护我的rest服务。我引用的是这里给出的教程。我创建了其余部分和前端。现在,当我在后端添加keycloak时,当我的前端调用api时,我会得到CORS错误。 我调用的示例REST API 前端keycloak.json属性包括 我得到的CORS错误
-
我的服务器运行在localhost:8080(spring boot app)上,前端运行在localhost:3000(angular app)上。问题是我想从前端向后端服务器发出请求。我熟悉cors,但对我来说不起作用。我已将此添加到我的服务器: ,但我仍然得到 XMLHttpRequest无法加载http://localhost:8080/cars.请求被重定向到http://localho