场景及问题描述:
项目为前后端分离,后台项目使用Spring Boot框架整合了CAS Client。前端发起ajax请求到CAS Client,被CAS Filter拦截器重定向到CAS Server,出现CORS跨域问题 。
错误信息:
Chrome F12完整错误信息:
Failed to load [CAS client地址]: Redirect from '[CAS client地址]' to '[CAS server地址]' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '[前端地址]' is therefore not allowed access.
Chrome F12关键错误信息:
No 'Access-Control-Allow-Origin' header is present on the requested resource
解决方案:
1、CAS Client中定义一个跨域Filter,注意:跨域Filter优先级必须要高于CAS FIlter,否则请求会先被CAS Filter先行执行,加跨域Filter则无意义。这里优先级设定为@Order(value=0),高于CAS FIlter。