Preflight request does not pass access control check, Tomcat 10

kdfy810k  posted on 2021-10-10  in  Java

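I am trying to set up a Tomcat server to receive requests from an Angular web app. Everything worked fine until I started trying to use DELETE requests. Through debugging, I realized that the problem arises in my filter, which checks whether the user already has a session when trying to access certain server resources and rejects those requests.
The code is as follows:
Backend session filter: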

public class SessionFilter extends HttpFilter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override
    public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
        var out = response.getWriter();
        ObjectMapper mapper = new ObjectMapper();

        response.setContentType("application/json");
        // Reject any request that has no existing session, except the login endpoint
        if (request.getSession(false) == null && !request.getRequestURI().equals("/login")) {
            response.setStatus(401);
            out.println(mapper.writerFor(ServletResponse.class).writeValueAsString(new ServletResponse("User must be logged in first!")));
            return;
        }

        chain.doFilter(request, response);

    }

    @Override
    public void destroy() {
    }
}

Login servlet (the servlet that provides the session)

@WebServlet(urlPatterns = "/login")
public class LoginServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        HttpSession sess = req.getSession(true); // create the session on login
        sess.setMaxInactiveInterval(3600); // expire after one hour of inactivity
    }
}

A servlet that handles the DELETE request

@WebServlet(urlPatterns = "/test")
public class TravelServlet extends HttpServlet {
    @Override
    protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        PrintWriter out = resp.getWriter();
        out.println(req.getParameter("test"));
    }
}

web.xml file

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="https://jakarta.ee/xml/ns/jakartaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/web-app_5_0.xsd"
         version="5.0">

    <filter>
        <filter-name>SessionFilter</filter-name>
        <filter-class>web.lab9.servlets.filters.SessionFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>SessionFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter>
        <filter-name>CorsFilter</filter-name>
        <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
        <init-param>
            <param-name>cors.allowed.origins</param-name>
            <param-value>http://localhost:4200</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.methods</param-name>
            <param-value>GET,POST,DELETE,HEAD,OPTIONS,PUT</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.headers</param-name>
            <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
        </init-param>
        <init-param>
            <param-name>cors.exposed.headers</param-name>
            <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
        </init-param>
        <init-param>
            <param-name>cors.support.credentials</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CorsFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
</web-app>

Now on the frontend, using Angular, I make the request like this:

this.http.delete<string>(this.url, {
      params: new HttpParams().set('test', 'test'),
      withCredentials: true
    }).subscribe(result => {console.log(result);}, error => {console.log(error);});

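Whenever the DELETE request reaches the server, the session is null and I throw an error from the session filter. As far as I understand, this is because of the preflight request and the fact that the preflight does not have the headers set. Is there any way I can get around this? I am not allowed to use anything other than HTTP servlets and filters.
Also, can I perform redirects from the session filter? I was able to do that before using DELETE requests, but ever since I started using them I have run into nothing but problems, because the approaches that work for GET/POST requests do not work at all for DELETE/PUT/...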

bkkx9g8r1#

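The problem is the order of the filters. The CORS filter should always come first if you want to have access to cookies in the following filters. Nothing like this is mentioned in the documentation, so I just assumed it did not matter, but apparently it does.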
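
The reordering the answer describes, as an added example (not the poster's own file): the question's web.xml with the same filters and parameters, only with CorsFilter declared and mapped before SessionFilter. It relies on the Servlet rule that url-pattern filter mappings are applied in the order they appear in web.xml, and on Tomcat's CorsFilter answering the preflight itself instead of forwarding it down the chain.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="https://jakarta.ee/xml/ns/jakartaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="https://jakarta.ee/xml/ns/jakartaee https://jakarta.ee/xml/ns/jakartaee/web-app_5_0.xsd"
         version="5.0">

    <!-- CorsFilter is mapped first: the chain follows filter-mapping order, so
         the preflight OPTIONS (sent by the browser without the session cookie)
         is answered here and never reaches SessionFilter. -->
    <filter>
        <filter-name>CorsFilter</filter-name>
        <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
        <init-param>
            <param-name>cors.allowed.origins</param-name>
            <param-value>http://localhost:4200</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.methods</param-name>
            <param-value>GET,POST,DELETE,HEAD,OPTIONS,PUT</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.headers</param-name>
            <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
        </init-param>
        <init-param>
            <param-name>cors.exposed.headers</param-name>
            <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
        </init-param>
        <init-param>
            <param-name>cors.support.credentials</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CorsFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- SessionFilter runs second, only on requests CorsFilter passes on. -->
    <filter>
        <filter-name>SessionFilter</filter-name>
        <filter-class>web.lab9.servlets.filters.SessionFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>SessionFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
</web-app>
```

With this order, the 401 that SessionFilter writes for an unauthenticated DELETE also passes back through CorsFilter, so it carries the CORS response headers and the Angular client can read the error body.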
