cors config update

8c4f2a92 · macro · 3b3882a9 · 8c4f2a92 · 8c4f2a92
Commit 8c4f2a92 authored Jul 27, 2019 by macro
--- a/mall-admin/src/main/java/com/macro/mall/config/GlobalCorsConfig.java
+++ b/mall-admin/src/main/java/com/macro/mall/config/GlobalCorsConfig.java
+package com.macro.mall.config;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+/**
+ * 全局跨域配置
+ * Created by macro on 2019/7/27.
+ */
+@Configuration
+public class GlobalCorsConfig {
+    /**
+     * 允许跨域调用的过滤器
+     */
+    @Bean
+    public CorsFilter corsFilter() {
+        CorsConfiguration config = new CorsConfiguration();
+        //允许所有域名进行跨域调用
+        config.addAllowedOrigin("*");
+        //允许跨越发送cookie
+        config.setAllowCredentials(true);
+        //放行全部原始头信息
+        config.addAllowedHeader("*");
+        //允许所有请求方法跨域调用
+        config.addAllowedMethod("*");
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config);
+        return new CorsFilter(source);
+    }
+}
--- a/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java
+++ b/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java
@@ -69,8 +69,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                .permitAll()
                .antMatchers(HttpMethod.OPTIONS)//跨域请求会先进行一次options请求
                .permitAll()
-                .antMatchers("/**")//测试时全部运行访问
+//                .antMatchers("/**")//测试时全部运行访问
-                .permitAll()
+//                .permitAll()
                .anyRequest()// 除上面外的所有请求全部需要鉴权认证
                .authenticated();
        // 禁用缓存
@@ -112,23 +112,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        return new JwtAuthenticationTokenFilter();
    }
-    /**
-     * 允许跨域调用的过滤器
-     */
-    @Bean
-    public CorsFilter corsFilter() {
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        CorsConfiguration config = new CorsConfiguration();
-        config.addAllowedOrigin("*");
-        config.setAllowCredentials(true);
-        config.addAllowedHeader("*");
-        config.addAllowedMethod("*");
-        source.registerCorsConfiguration("/**", config);
-        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
-        bean.setOrder(0);
-        return new CorsFilter(source);
-    }
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {