1.shiro 权限未认证,会通过统一的 unauthorized 方法进行拦截,但是自己加了后 ,在自己本地没问题,和h5联调,一直出现跨域的问题。这个问题困扰了我半天,上网后发现好多处理方式。 自己用了这篇文章的可以了。
https://blog.csdn.net/u010042669/article/details/93308046
copy下自己的代码以及遇到的问题
1)添加shiro过滤器
package com.sq.transportmanage.gateway.api.web.filter; import org.apache.http.HttpStatus; import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter; import org.springframework.stereotype.Component; import org.springframework.web.bind.annotation.RequestMethod; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * @Author fanht * @Description 解决shiro 未认证后cors 跨域同源问题 * @Date 2020/3/11 下午7:12 * @Version 1.0 */ @Component public class CORSFilter extends BasicHttpAuthenticationFilter{ @Override protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; res.setHeader("Access-control-Allow-Origin",req.getHeader("Origin")); res.setHeader("Access-Control-Allow-Methods","GET,POST,OPTIONS,PUT,DELETE"); // 响应首部 Access-Control-Allow-Headers 用于 preflight request (预检请求)中,列出了将会在正式请求的 Access-Control-Expose-Headers 字段中出现的首部信息。修改为请求首部 res.setHeader("Access-Control-Allow-Headers",req.getHeader("Access-Control-Request-Headers")); //给option请求直接返回正常状态 if(req.getMethod().equals(RequestMethod.OPTIONS.name())){ res.setStatus(HttpStatus.SC_OK); return false; } return super.preHandle(request, response); } }
2.添加后又遇到第二个问题,当请求后 没有认证的情况下,默认的地址是http。网上说的原因是 redirect请求后 header里面的信息清空了,当再次访问时候就出现跨域问题了。 嗯,然后参考了下这篇文章
https://blog.csdn.net/liqi_q/article/details/99681873 解决了
附上自己代码
package com.sq.transportmanage.gateway.api.web.filter; import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * @Author fanht * @Description 解决shiro跳转地址 http变更为https * @Date 2020/3/11 下午8:34 * @Version 1.0 */ @Component public class AbsoluteSendRedirectFilter extends OncePerRequestFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { HttpTransWrapper transWrapper = new HttpTransWrapper(request,response); filterChain.doFilter(request,transWrapper); } }
package com.sq.transportmanage.gateway.api.web.filter; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponseWrapper; import java.io.IOException; import java.net.URI; import java.net.URISyntaxException; /** * @Author fanht * @Description http重写为https * @Date 2020/3/11 下午8:22 * @Version 1.0 */ @Component public class HttpTransWrapper extends HttpServletResponseWrapper{ private Logger logger = LoggerFactory.getLogger(this.getClass()); private final HttpServletRequest request; /** * Constructs a response adaptor wrapping the given response. * * @param response The response to be wrapped * @throws IllegalArgumentException if the response is null */ public HttpTransWrapper(final HttpServletRequest req, HttpServletResponse response) { super(response); this.request = req; } @Override public void sendRedirect(String location) throws IOException { if(StringUtils.isEmpty(location)){ super.sendRedirect(location); return; } try { final URI uri = new URI(location); if(uri.getScheme() != null){ super.sendRedirect(location); return; } } catch (URISyntaxException e) { logger.error("=======跳转异常========" + e); super.sendRedirect(location); } String finalUrl = "https://" + this.request.getServerName(); if(request.getServerPort() != 80 && request.getServerPort() != 443 ){ finalUrl += ":" + request.getServerPort(); } finalUrl += location;
if(finalUrl.indexOf("localhost") > 0){
//todo 如果是本地测试 仍然用http的
super.sendRedirect(location);
}else{
super.sendRedirect(finalUrl);
}
}
}
当然这样子配置后会出现本地启动时候,登录不进来的情况。。。看情况怎么处理下比较合适吧。一般uri里面本机的话有localhost,加个localhost的过滤就行了。。。 如果是localhost 仍然是http...