spring boot生成filter的方式也有两种
1、写一个继承filter的filter
public class CorsFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException { HttpServletResponse response = (HttpServletResponse) servletResponse; HttpServletRequest request = (HttpServletRequest) servletRequest; response.setContentType("application/json; charset=utf-8"); response.setCharacterEncoding("UTF-8"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Methods", "POST, GET,PUT, OPTIONS, DELETE"); response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin")); response.setHeader("Access-Control-Allow-Credentials", "true"); response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token"); filterChain.doFilter(request, response); System.out.println("===============================================test ======================================="); } @Override public void destroy() { }
然后再启动类中注册这个filter
@Bean public FilterRegistrationBean testFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(new com.zf.osaos.core.hybtest.CorsFilter()); registration.addUrlPatterns("/*"); registration.addInitParameter("paramName", "paramValue"); registration.setName("testFilter"); registration.setOrder(1); return registration; }2、同样先生成一个filter @Bean public FilterRegistrationBean testFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(new com.zf.osaos.core.hybtest.CorsFilter()); registration.addUrlPatterns("/*"); registration.addInitParameter("paramName", "paramValue"); registration.setName("testFilter"); registration.setOrder(1); return registration; } @Order(1) @WebFilter(filterName = "testFilter1", urlPatterns = "/*") public class CorsFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException { HttpServletResponse response = (HttpServletResponse) servletResponse; HttpServletRequest request = (HttpServletRequest) servletRequest; response.setContentType("application/json; charset=utf-8"); response.setCharacterEncoding("UTF-8"); response.setHeader("Access-Control-Max-Age", "3600"); response.setHeader("Access-Control-Allow-Methods", "POST, GET,PUT, OPTIONS, DELETE");//http请求方式 response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin")); response.setHeader("Access-Control-Allow-Credentials", "true"); response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token"); filterChain.doFilter(request, response); System.out.println("===============================================test ======================================="); } @Override public void destroy() { } 注意:两个注解,@order代表注解表示执行过滤顺序,值越小,越先执行
然后在启动类中加入注解@ServletComponentScan
仅仅有了这些当然是不够的--------》
在实际开发过程中,发现跨域问题并不是那么好解决的,因为Springboot安全控制框架使用了Securtiy,它的身份认证基于 JSESSIONID,而axios框架默认是不发送cookie的,因此需要在axios配置中添加
axios.defaults.withCredentials = true;
axios.defaults.withCredentials = true在Controller对应的方法上加上
org.springframework.web.bind.annotation.CrossOrigin 的@CrossOrigin 或者直接在整个controller类上加
@CrossOrigin(origins = "http://domain2.com", maxAge = 3600, methods = {RequestMethod.GET, RequestMethod.POST}) @RestController public class UserController文献来源:https://blog.csdn.net/kendmr/article/details/84793760
