[英]Using @CrossOrigin annotation with JAX-RS (Jersey)
是否可以使用JAX-RS(Jersey)低音注釋來注釋@CrossOrigin(Spring-MVC)?
您可以通過使用注釋驅動的名稱綁定或動態綁定實現ContainerRequestFilter
和ContainerResponseFilter
(請參見: 過濾器 )來創建類似的內容。
這是您可以用於名稱或動態綁定的Annotation
:
import javax.ws.rs.NameBinding;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
@NameBinding
@Retention(RetentionPolicy.RUNTIME)
public @interface CrossOrigin {
String origins();
}
這是DynamicFeature
實現的不完整示例,其中包含並以動態方式注冊過濾器類:
import org.glassfish.jersey.server.model.AnnotatedMethod;
import javax.annotation.Priority;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Priorities;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.*;
import javax.ws.rs.core.*;
import javax.ws.rs.ext.Provider;
import java.io.IOException;
@Provider
public class CrossOriginDynamicFeature implements DynamicFeature {
//check annotation, register filters if CrossOrigin is present (DynamicBinding)
@Override
public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) {
final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());
if (resourceInfo.getResourceClass().getAnnotation(CrossOrigin.class) != null) {
configuration.register(CrossOriginFilter.class);
configuration.register(ResponseCorsFilter.class);
}
}
//this filter handles the request and checks the origin given
@Priority(Priorities.AUTHENTICATION)
private static class CrossOriginFilter implements ContainerRequestFilter {
@Context
private HttpServletRequest httpRequest;
@Context
private ResourceInfo resourceInfo;
@Override
public void filter(ContainerRequestContext requestContext)
throws IOException {
String origins = resourceInfo.getResourceMethod().getDeclaredAnnotation(CrossOrigin.class).origins();
String originHeader = requestContext.getHeaderString("origin");
//Maybe you want a different behaviour here.
//To prevent the execution of the annotated resource method
//if the origin of the request is not in the specified list,
//we break the execution with a 401.
if (Arrays.asList(origins.split(",")).contains(originHeader)) {
throw new WebApplicationException(Response.Status.UNAUTHORIZED);
}
}
}
//if the Request filter allows the access,
//the CORS header are added to the response here.
//There are other stackoverflow questions regarding this theme.
public class ResponseCorsFilter implements ContainerResponseFilter {
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
//... add CORS header
}
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.