[英]Custom headers in angular2 request
I have 2 applications: 我有2个应用程序:
localhost:4200 <- angular2 app
localhost:8080 <- spring boot app with security
In my a2 auth.service I try to login like this: 在我的A2身份验证服务中,我尝试这样登录:
const customHeaders = new Headers({
'socialmedia-auth-token': 'ABCDEFGJ'
});
//...
return this.http.post(loginpoint, JSON.stringify(worker), new RequestOptions({ headers: customHeaders, withCredentials: true }))
.toPromise()
.then(result => console.log(result))
.catch(this.errorHandler);
My springboot cors filter: 我的springboot cors过滤器:
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CORSFilter implements Filter {
private Logger log = Logger.getLogger(CORSFilter.class);
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
log.info("####### CORS FILTER ###########");
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Expose-Headers", "socialmedia-auth-token");
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me, socialmedia-auth-token");
chain.doFilter(req, res);
}
And my AuthTokenFilter: 和我的AuthTokenFilter:
public class AuthTokenFilter extends UsernamePasswordAuthenticationFilter {
private static final String TOKEN_HEADER = "socialmedia-auth-token";
private Logger log = Logger.getLogger(AuthTokenFilter.class);
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filter)
throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
String authToken = httpRequest.getHeader(TOKEN_HEADER);
log.info("####### AuthTokenFilter: " + authToken + " ###########");
The problem is that authToken is always null. 问题在于authToken始终为null。 I've tried to send request from rest-client extension for google-chrome browser and it works (i just add to headers from a single header: socialmedia-auth-token : asdfghhj).
我试图从rest-client扩展发送请求,以进行google-chrome浏览器,并且它可以正常工作(我只是从单个标头添加标头:socialmedia-auth-token:asdfghhj)。 I was able to receive asdfghhj in my AuthTokenFilter.
我能够在AuthTokenFilter中收到asdfghhj。
Google Chrome network: There is no socialmedia-auth-token parameter Google Chrome网络: 没有socialmedia-auth-token参数
Can you help me ? 你能帮助我吗 ? I don't know what is wrong with this code.
我不知道这段代码有什么问题。
Thank you chaoluo . 谢谢chaoluo 。 In CORSFilter I changed
在CORSFilter我改变了
chain.doFilter
to 至
if(!request.getMethod().equals("OPTIONS")) {
chain.doFilter(request, response);
}
and it works. 而且有效。 Thank you.
谢谢。
You should return 200
immediately with those headers when the request is preflight request ( Option
method) in your CORS
filter. 当请求是
CORS
筛选器中的预检请求( Option
方法)时,应立即返回带有这些标头的200
。 More see here (not-so-simple requests). 更多信息请参见此处 (请求不太简单)。
if (request.getHeader("Access-Control-Allow-Origin") != null && "OPTIONS".equals(request.getMethod())) {
// CORS "pre-flight" request
return ;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.