这两天springsecurity跨域访问,怎么也不行,控制不了
后来发现是使用的类不对
,cors过滤记得要使用的是org.springframework.web.cors.CorsConfigurationSource,二不是org.springframework.web.cors.reactive.CorsConfigurationSource,使用了这个
跨域2种实现方式 注意使用的类路径,不要使用错了
1)在WebSecurityConfigurerAdapter中实现
@Bean public CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); // configuration.setAllowedOrigins(Arrays.asList("http://192.168.1.188:3100")); // configuration.setAllowedOrigins(Arrays.asList("http://127.0.0.1:5500")); configuration.setAllowedOrigins(ignoredUrlsProperties.getCorsurls()); configuration.setAllowedMethods(Arrays.asList("GET","POST")); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/**", configuration); return source; }
protected void configure(HttpSecurity http) throws Exception { // http.cors(withDefaults()); http.cors();}
第二种
@Component @Order(Ordered.HIGHEST_PRECEDENCE) public class WZCorsFilter extends CorsFilter { public WZCorsFilter() { super(corsConfigurationSource()); } public static CorsConfigurationSource corsConfigurationSource() { //这里似乎不能获取yml中的内容 CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowedOrigins(Arrays.asList("http://192.168.1.188:3100")); // configuration.setAllowedOrigins(Arrays.asList("http://127.0.0.1:5500")); configuration.setAllowedMethods(Arrays.asList("GET","POST")); System.out.println("aaa"); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/**", configuration); return source; } // private static UrlBasedCorsConfigurationSource configurationSource() { // CorsConfiguration corsConfig = new CorsConfiguration(); // List<String> allowedHeaders = Arrays.asList("x-auth-token", "content-type", "X-Requested-With", "XMLHttpRequest"); // List<String> exposedHeaders = Arrays.asList("x-auth-token", "content-type", "X-Requested-With", "XMLHttpRequest"); // List<String> allowedMethods = Arrays.asList("POST", "GET", "DELETE", "PUT", "OPTIONS"); // List<String> allowedOrigins = Arrays.asList("http://127.0.0.1:5500"); List<String> allowedOrigins = Arrays.asList("http://192.168.1.188:8082"); // corsConfig.setAllowedHeaders(allowedHeaders); // corsConfig.setAllowedMethods(allowedMethods); // corsConfig.setAllowedOrigins(allowedOrigins); // corsConfig.setExposedHeaders(exposedHeaders); // corsConfig.setMaxAge(36000L); // corsConfig.setAllowCredentials(true); // // UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); // source.registerCorsConfiguration("/**", corsConfig); // return source; // } }