gitee/mall4j
1
1
Fork 0
mirror of https://gitee.com/gz-yami/mall4j.git synced 2025-12-26 07:56:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

cors跨域后端服务器配置

Browse Source
This commit is contained in:
chendt 2022-03-22 17:55:33 +08:00
parent 76e12342b0
commit ed66156003
1 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
yami-shop-admin/src/main/java/com/yami/shop/admin/security/ResourceServerConfiguration.java
View File

@ -18,6 +18,7 @@ import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsUtils;
@Configuration
@EnableResourceServer
@ -32,15 +33,12 @@ public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter
// @formatter:off
http
.addFilterBefore(loginAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
// Since we want the protected resources to be accessible in the UI as well we need
// session creation to be allowed (it's disabled by default in 2.0.6)
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and()
.requestMatchers().anyRequest()
.and()
.anonymous()
.and()
.authorizeRequests()
.csrf().disable().cors()
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and().authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
.and().requestMatchers().anyRequest()
.and().anonymous()
.and().authorizeRequests()
.antMatchers(
"/webjars/**",
"/swagger/**",