hace 5 años · 8c4f2a9273
--- a/mall-admin/src/main/java/com/macro/mall/config/GlobalCorsConfig.java
+++ b/mall-admin/src/main/java/com/macro/mall/config/GlobalCorsConfig.java
@@ -0,0 +1,34 @@
 
				+package com.macro.mall.config;
			
 
				+
			
 
				+import org.springframework.context.annotation.Bean;
			
 
				+import org.springframework.context.annotation.Configuration;
			
 
				+import org.springframework.web.cors.CorsConfiguration;
			
 
				+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
			
 
				+import org.springframework.web.filter.CorsFilter;
			
 
				+
			
 
				+/**
			
 
				+ * 全局跨域配置
			
 
				+ * Created by macro on 2019/7/27.
			
 
				+ */
			
 
				+@Configuration
			
 
				+public class GlobalCorsConfig {
			
 
				+
			
 
				+    /**
			
 
				+     * 允许跨域调用的过滤器
			
 
				+     */
			
 
				+    @Bean
			
 
				+    public CorsFilter corsFilter() {
			
 
				+        CorsConfiguration config = new CorsConfiguration();
			
 
				+        //允许所有域名进行跨域调用
			
 
				+        config.addAllowedOrigin("*");
			
 
				+        //允许跨越发送cookie
			
 
				+        config.setAllowCredentials(true);
			
 
				+        //放行全部原始头信息
			
 
				+        config.addAllowedHeader("*");
			
 
				+        //允许所有请求方法跨域调用
			
 
				+        config.addAllowedMethod("*");
			
 
				+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
			
 
				+        source.registerCorsConfiguration("/**", config);
			
 
				+        return new CorsFilter(source);
			
 
				+    }
			
 
				+}
			
--- a/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java
+++ b/mall-admin/src/main/java/com/macro/mall/config/SecurityConfig.java
@@ -69,8 +69,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
				                 .permitAll()
			
 
				                 .antMatchers(HttpMethod.OPTIONS)//跨域请求会先进行一次options请求
			
 
				                 .permitAll()
			
 
				-                .antMatchers("/**")//测试时全部运行访问
			
 
				-                .permitAll()
			
 
				+//                .antMatchers("/**")//测试时全部运行访问
			
 
				+//                .permitAll()
			
 
				                 .anyRequest()// 除上面外的所有请求全部需要鉴权认证
			
 
				                 .authenticated();
			
 
				         // 禁用缓存
			
@@ -112,23 +112,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
				         return new JwtAuthenticationTokenFilter();
			
 
				     }
			
 
				 
			
 
				-    /**
			
 
				-     * 允许跨域调用的过滤器
			
 
				-     */
			
 
				-    @Bean
			
 
				-    public CorsFilter corsFilter() {
			
 
				-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
			
 
				-        CorsConfiguration config = new CorsConfiguration();
			
 
				-        config.addAllowedOrigin("*");
			
 
				-        config.setAllowCredentials(true);
			
 
				-        config.addAllowedHeader("*");
			
 
				-        config.addAllowedMethod("*");
			
 
				-        source.registerCorsConfiguration("/**", config);
			
 
				-        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
			
 
				-        bean.setOrder(0);
			
 
				-        return new CorsFilter(source);
			
 
				-    }
			
 
				-
			
 
				     @Bean
			
 
				     @Override
			
 
				     public AuthenticationManager authenticationManagerBean() throws Exception {