我正在使用Spring Boot 1.3.0.RELEASE.我的代码基于使用Stomp和SocketJS的Spring Boot中的websocket启动指南.
当我从localhost运行客户端时:8080(Spring Server)......当然可行.直到我尝试从不同的端口调用它,我得到403禁止.我的CorsFilter设置如下.
使用Spring Boot启动Web套接字
我的客户端是.... http:// localhost:3000 我的Spring Boot服务器是... http:// localhost:8080我设置我的CorsFilter来访问我的客户端...
CorsFilterpackage hello;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Component
public class CorsFilter implements Filter {
private final Logger log = LoggerFactory.getLogger(CorsFilter.class);
public CorsFilter() {
log.info("SimpleCORSFilter init");
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String clientOrigin = request.getHeader("origin");
response.addHeader("Access-Control-Allow-Origin", clientOrigin);
response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE, PUT");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers",
"Origin, Accept, X-Requested-With, Content-Type, " +
"Access-Control-Request-Method, Access-Control-Request-Headers");
if (request.getMethod().equals("OPTIONS")) {
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(request, response);
}
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void destroy() {
}
}
请求标题
Accept:*/* Accept-Encoding:gzip, deflate, sdch Accept-Language:en-US,en;q=0.8 Connection:keep-alive Host:localhost:8080 Origin:http://localhost:3000 Referer:http://localhost:3000/ User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36响应标题
Access-Control-Allow-Credentials:true Access-Control-Allow-Methods:POST, GET, DELETE, PUT Access-Control-Allow-Origin:http://localhost:3000 Access-Control-Max-Age:3600 Cache-Control:no-store, no-cache, must-revalidate, max-age=0 Content-Length:0 Date:Wed, 02 Dec 2015 13:59:25 GMT Server:Apache-Coyote/1.1
Mr. Spice.. 12
添加答案以防其他人遇到此问题.正如评论中所建议的那样,您需要使用文档中setAllowedOrigins描述的方法.因此,假设这是您正在关注的教程,您最终会得到一个如下所示的配置类:
@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
@Override
public void configureMessageBroker(MessageBrokerRegistry config) {
config.enableSimpleBroker("/your/topic");
config.setApplicationDestinationPrefixes("/yourapp");
}
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/your/endpoint").setAllowedOrigins("http://localhost:3000").withSockJS();
}
}
这将允许在localhost:3000上运行的stomp客户端订阅/your/endpoint.
添加答案以防其他人遇到此问题.正如评论中所建议的那样,您需要使用文档中setAllowedOrigins描述的方法.因此,假设这是您正在关注的教程,您最终会得到一个如下所示的配置类:
@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
@Override
public void configureMessageBroker(MessageBrokerRegistry config) {
config.enableSimpleBroker("/your/topic");
config.setApplicationDestinationPrefixes("/yourapp");
}
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/your/endpoint").setAllowedOrigins("http://localhost:3000").withSockJS();
}
}
这将允许在localhost:3000上运行的stomp客户端订阅/your/endpoint.
京公网安备 11010802040832号 | 京ICP备19059560号-6 