【发布时间】:2019-10-28 16:13:37
【问题描述】:
我的项目是 Spring Boot 1.5.19 & Spring Security 4.2.6 & CometD 3.0.9。 在 UI 端日志是:CometD 订阅失败。 在服务后端日志中是:org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext 位置是 CorsFilter.java :chain.doFilter(req, resp);
此错误似乎不会影响功能、登录和握手以及元/连接始终正常。但是,Cometd 订阅失败并且页面总是刷新然后新数据将返回。这不是我想要的。我想实现实时数据。我不知道 SecurityContext 错误是不是这个问题的原因。
@Component
@Order(0)
public class CorsFilter implements Filter{
@Override
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) resp;
HttpServletRequest request = (HttpServletRequest) req;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with, authorization, Content-Type, Authorization, credential, X-XSRF-TOKEN");
if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(req, resp);
}
}
@Override
public void destroy() {
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
希望没有错误,CometD 实时数据运行成功。
【问题讨论】:
标签: spring-boot spring-security cors