GlassFish:如何设置访问控制允许源标题
我正在使用GlassFish的最新版本。我想在响应中设置Access Control Allow Origin标头,以便可以从任何域调用托管在GlassFish上的API。但是我无法找到在哪里设置它。在我的情况下,API请求由Jersey独家处理,因此我可以在GlassFish:如何设置访问控制允许源标题,glassfish,java-ee-6,glassfish-3,Glassfish,Java Ee 6,Glassfish 3,我正在使用GlassFish的最新版本。我想在响应中设置Access Control Allow Origin标头,以便可以从任何域调用托管在GlassFish上的API。但是我无法找到在哪里设置它。在我的情况下,API请求由Jersey独家处理,因此我可以在ContainerResponseFilter中设置响应头: package my.app; import com.sun.jersey.spi.container.ContainerRequest; import com.sun.jer
ContainerResponseFilter中设置响应头:
package my.app;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;
public class CrossOriginResourceSharingFilter implements ContainerResponseFilter {
@Override
public ContainerResponse filter(ContainerRequest creq, ContainerResponse cresp) {
cresp.getHttpHeaders().putSingle("Access-Control-Allow-Origin", "*");
cresp.getHttpHeaders().putSingle("Access-Control-Allow-Credentials", "true");
cresp.getHttpHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
cresp.getHttpHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type, Accept");
return cresp;
}
}
在web.xml中启用筛选器:
<servlet>
<servlet-name>Gateway Servlet</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.spi.container.ContainerResponseFilters</param-name>
<param-value>my.app.CrossOriginResourceSharingFilter</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
网关Servlet
com.sun.jersey.spi.container.servlet.ServletContainer
com.sun.jersey.spi.container.ContainerResponseFilters
my.app.CrossOriginResourceSharingFilter
1.
如果您不使用Jersey,我想您可以创建一个类似的servlet响应过滤器。下面是一个Java EE标准方法。除了所使用的库包(javax)和获取头的方法调用(getHeaders)不同之外,它几乎与Jersey示例完全相同
因为您使用了标签java-ee-6,所以我认为@Provider不受支持。我使用了以下代码,基于:
最好也是最简单的方法是右键单击项目
然后选择跨源资源共享筛选器
您能否添加一个示例,说明如何在没有jersey的情况下做到这一点?好吧,对于CXF来说,本文中描述的方法不起作用,因为jax rs 2.0 API中的ContainerRequestFilter没有从Filter扩展/实现,因此无法配置为servlet筛选器。尝试这样做会导致类强制转换异常。如果java ee 6中没有ContainerResponseFilter,该答案如何被接受?glassfish 4.1中的web.xml如何?如果该条目不在上下文菜单中,请选择“其他…”,然后通过键入“交叉”来过滤选项列表。从现在起,你可以从莱昂纳多描述的上下文菜单中访问它。这个!!!我不知道为什么不经常提到这一点。工作起来很有魅力,只需要1秒的时间,这是一个不错的选择,尽管它比@Provider慢很多(我觉得值得一提)
import java.io.IOException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.ext.Provider;
@Provider
public class RestResponseFilter implements ContainerResponseFilter{
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException{
responseContext.getHeaders().putSingle("Access-Control-Allow-Origin", "*");
responseContext.getHeaders().putSingle("Access-Control-Allow-Credentials", "true");
responseContext.getHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
responseContext.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type, Accept");
}
}
import java.io.IOException;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletResponse;
@WebFilter(filterName = "AddHeaderFilter", urlPatterns = {"/*"})
public class ResponseFilter implements Filter {
private final static Logger log = Logger.getLogger(ResponseFilter.class.getName() );
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
if (response instanceof HttpServletResponse) {
log.info("Adding headers");
HttpServletResponse http = (HttpServletResponse) response;
http.addHeader("Access-Control-Allow-Origin", "*");
http.addHeader("Access-Control-Allow-Credentials", "true");
http.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
}
chain.doFilter(request, response);
}