From d8ea4e728d8421a5ed0bad3486626d2b43b1333d Mon Sep 17 00:00:00 2001
From: fengxiang <110431245@qq.com>
Date: Thu, 12 Jul 2018 16:07:00 +0800
Subject: [PATCH] 跨域设置

---
 src/main/java/com/moral/security/config/WebSecurityConfig.java |    2 ++
 src/main/java/com/moral/controller/ScreenController.java       |   11 ++---------
 src/main/java/com/moral/security/endpoint/ProfileEndpoint.java |    6 ++----
 3 files changed, 6 insertions(+), 13 deletions(-)

diff --git a/src/main/java/com/moral/controller/ScreenController.java b/src/main/java/com/moral/controller/ScreenController.java
index 6a86664..11ada56 100644
--- a/src/main/java/com/moral/controller/ScreenController.java
+++ b/src/main/java/com/moral/controller/ScreenController.java
@@ -28,14 +28,7 @@
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.util.ObjectUtils;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.ResponseBody;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.ModelAndView;
 import org.xml.sax.InputSource;
 import com.alibaba.fastjson.JSONArray;
@@ -58,7 +51,7 @@
  */
 @RestController
 @RequestMapping("/screen")
-//@CrossOrigin(origins = "*", maxAge = 3600)
+@CrossOrigin(origins = "*", maxAge = 3600)
 @SuppressWarnings({ "rawtypes", "unchecked", "unused" })
 @Api(tags = "Screen", description = "������������") 
 public class ScreenController {
diff --git a/src/main/java/com/moral/security/config/WebSecurityConfig.java b/src/main/java/com/moral/security/config/WebSecurityConfig.java
index c237db9..0082158 100644
--- a/src/main/java/com/moral/security/config/WebSecurityConfig.java
+++ b/src/main/java/com/moral/security/config/WebSecurityConfig.java
@@ -121,6 +121,8 @@
                 .antMatchers(permitAllEndpointList.toArray(new String[permitAllEndpointList.size()]))
                 .permitAll()
             .and()
+                .headers().frameOptions().disable()
+            .and()
                 .authorizeRequests()
                 .antMatchers(API_ROOT_URL).authenticated() // Protected API End-points
             .and()
diff --git a/src/main/java/com/moral/security/endpoint/ProfileEndpoint.java b/src/main/java/com/moral/security/endpoint/ProfileEndpoint.java
index 9349580..79d2b24 100644
--- a/src/main/java/com/moral/security/endpoint/ProfileEndpoint.java
+++ b/src/main/java/com/moral/security/endpoint/ProfileEndpoint.java
@@ -2,10 +2,7 @@
 
 import com.moral.security.auth.JwtAuthenticationToken;
 import com.moral.security.model.UserContext;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.ResponseBody;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 /**
  * End-point for retrieving logged-in user details.
@@ -17,6 +14,7 @@
 @RestController
 public class ProfileEndpoint {
     @RequestMapping(value="/user-context", method=RequestMethod.GET)
+    @CrossOrigin(origins = "*", maxAge = 3600)
     public @ResponseBody
     UserContext get(JwtAuthenticationToken token) {
         return  token.getPrincipal();

--
Gitblit v1.8.0