首页 文章

Angular 2,Oauth2,CORS错误:否'Access-Control-Allow-Origin'

提问于
浏览
2

目前我尝试使用角度2登录 spring oauth2 .

单击我的角度登录时出现此错误:

XMLHttpRequest无法加载http:// localhost:8080 / REM / oauth / token . 请求的资源上不存在“Access-Control-Allow-Origin”标头 . 因此不允许来源'http:// localhost:3000'访问 .

login(username: string, password: string) {
let headers = new Headers();
headers.append('Content-Type', 'application/x-www-form-urlencoded; charset=utf-8');
headers.append('Accept', 'application/json');

let options = new RequestOptions({ headers: headers });

let params = new URLSearchParams();
params.append('grant_type', "password");  
params.append('client_id', "client");
params.append('client_secret', "secret");
params.append('username', "user");
params.append('password', "pass");                             

return this.http.post(this.urlLogin, params.toString(), options).map(this.extractData);}

CORS

<mvc:cors>
    <mvc:mapping path="/**" allowed-origins="http://localhost:3000, *"
        allowed-methods="POST, GET, PUT, DELETE"
        allowed-headers="X-Requested-With, Content-Type, X-Codingpedia,Authorization, Accept, Origin"
        allow-credentials="false" max-age="3600" />
</mvc:cors>

Kindly find full server configuration at: https://github.com/robbyrahmana/Config

rest angular spring-security oauth cors

1 回答

  • 0

    我在 Spring 季启动时使用它你可以看到并产生一些差异

    @Component

    @Order(Ordered.HIGHEST_PRECEDENCE)

    公共类SimpleCORSFilter实现Filter {

    @Override
public void init(FilterConfig fc) throws ServletException {
}

@Override
public void doFilter(ServletRequest req, ServletResponse resp,
                     FilterChain chain) throws IOException, ServletException {
    HttpServletResponse response = (HttpServletResponse) resp;
    HttpServletRequest request = (HttpServletRequest) req;
    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Methods", "PATCH,POST,GET,OPTIONS,DELETE");
    response.setHeader("Access-Control-Max-Age", "3600");
    response.setHeader("Access-Control-Allow-Headers", "x-requested-with, authorization, Content-Type, Authorization, credential, X-XSRF-TOKEN");

    if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
        response.setStatus(HttpServletResponse.SC_OK);
    } else {
        chain.doFilter(req, resp);
    }

}

@Override
public void destroy() {
}

    }

    回复于

相关问题