Java CORS阻止Spring网关请求(无ACCES0控制允许组织标头)
我有一个角度前端,spring云网关和一个spring web服务。当我尝试通过网关向SpringWeb服务发送GET/POST数据时,我收到以下错误:。当将数据直接发送到web服务时,它工作正常,因此我认为问题出在网关上 在网关中,我必须访问以下文件:Java CORS阻止Spring网关请求(无ACCES0控制允许组织标头),java,spring,cors,spring-cloud,gateway,Java,Spring,Cors,Spring Cloud,Gateway,我有一个角度前端,spring云网关和一个spring web服务。当我尝试通过网关向SpringWeb服务发送GET/POST数据时,我收到以下错误:。当将数据直接发送到web服务时,它工作正常,因此我认为问题出在网关上 在网关中,我必须访问以下文件: @Configuration @CrossOrigin(origins = "*") public class SpringCloudConfig { @Bean public RouteLocator gatewayRout
@Configuration
@CrossOrigin(origins = "*")
public class SpringCloudConfig {
@Bean
public RouteLocator gatewayRoutes(RouteLocatorBuilder builder){
return builder.routes()
.route(r -> r.path("/users/**")
.uri("http://localhost:8081/")
.id("userService"))
.route(r -> r.path("/posts/**")
.uri("http://localhost:8082/")
.id("postService"))
.route(r -> r.path("/auth/**")
.uri("http://localhost:8083/")
.id("securityService"))
.build();
}
}
应用程序。属性:我认为服务器:云:等等。。我会做这件事,但不会
server.port=8080
spring:
cloud:
gateway:
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods:
- GET
- POST
Pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.6.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.cloudGateway</groupId>
<artifactId>gateway</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>gateway</name>
<description>Gateway project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
<spring-cloud.version>Hoxton.SR3</spring-cloud.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
网关回购:
要连接到的服务:(这一项在直接连接时有效)(例如我的angular project)Spring文档告诉我们,在application.yml中声明这样的配置就足够了
spring:
cloud:
gateway:
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods:
- GET
- POST
您还可以定义自定义的CorsConfiguration:
@Configuration
public class CorsConfiguration{
@Bean
public CorsWebFilter corsWebFilter() {
final CorsConfiguration corsConfig = new CorsConfiguration();
corsConfig.setAllowedOrigins(Collections.singletonList("*"));
corsConfig.setMaxAge(3600L);
corsConfig.setAllowedMethods(Arrays.asList("GET", "POST"));
corsConfig.addAllowedHeader("*");
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", corsConfig);
return new CorsWebFilter(source);
}
}
当您添加yml文件时会出现此问题,然后pom.xml文件将变为红色,您必须删除m2/存储库并重新构建项目,然后pom.xml正常,问题将得到解决。这样对我有效:
spring:
application:
name: API-GATEWAY
cloud:
gateway:
default-filters:
- DedupeResponseHeader=Access-Control-Allow-Credentials Access-Control-Allow-Origin
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods: "*"
allowedHeaders: "*"
routes:
- id: USER-SERVICE
uri: lb://USER-SERVICE
...
也许你需要设置“allowCredentials”
spring:
云:
网关:
环球公司:
公司配置:
'[/**]':
允许的来源:https://example.com"
allowCredentials:真
允许的方法:
-得到
-职位
我需要把这个CrosWebFilter放在哪里?我是否需要创建CustomCorsConfiguration类(因为它不存在)返回的CrosWebFilter需要一个CORSCOConfiguration源,但这里使用的是UrlBasedCorsConfigurationSource您使用的是哪个版本的spring云网关?我使用spring boot版本2.2.6,在pom.xml中我看到我使用0.0.1-快照作为云网关。我在两天前创建了这个项目,所以我想我已经有了最新版本的《谢谢你们》了。我尝试了很多东西,直到我看到这个才奏效。再次感谢你分享你的pom.xml吗?我添加了pom.xml。我还添加了repo,用于查看更多文件
spring:
application:
name: API-GATEWAY
cloud:
gateway:
default-filters:
- DedupeResponseHeader=Access-Control-Allow-Credentials Access-Control-Allow-Origin
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods: "*"
allowedHeaders: "*"
routes:
- id: USER-SERVICE
uri: lb://USER-SERVICE
...