Java中SSM框架解决跨域请求

方法一：@CrossOrigin注解的方法，只能作用在一个Controller层

直接在Controller类或方法前加上@CrossOrigin注解即可允许所有ip跨域访问

加在Controller类上表示该Controller的所有方法都支持跨域

加在Controller中的方法上表示仅该方法支持跨域

@CrossOrigin // 允许所有ip跨域
@CrossOrigin(origins = "192.168.0.1") //只允许指定ip跨域

方法二：在SpringMVC配置文件spring-context.xml中配置跨域请求

方法三：使用cors-filter包配置跨域

1、引入pom.xml依赖

	com.thetransactioncompany
	cors-filter
	2.5

2、在web.xml文件中注册Filter跨域过滤器

	CORS
	com.thetransactioncompany.cors.CORSFilter
	
		cors.allowOrigin
		*
	
	
		cors.supportedMethods
		 
		GET, POST, HEAD, PUT, DELETE
	
	
		cors.supportedHeaders
		Accept, Origin, X-Requested-With, Content-Type, Last-Modified
	
	
		cors.exposedHeaders
		Set-Cookie
	
	
		cors.supportsCredentials
		true
	


	CORS
	/*

方法四：自己写CrossingFilter跨域过滤器

1、写CrossingFilter过滤器类，实现(Interfaces)本地Apache Tomcat的Filter接口

package com.pmsapi.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class CrossingFilter implements Filter {

	private boolean isCross = false;

	@Override
	public void destroy() {
		isCross = false;
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		if (isCross) {
			HttpServletRequest httpServletRequest = (HttpServletRequest) request;
			HttpServletResponse httpServletResponse = (HttpServletResponse) response;
			System.out.println("拦截请求: " + httpServletRequest.getServletPath());
			httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
			// httpServletResponse.setHeader("Access-Control-Allow-Methods", "*"); // 表示所有请求都有效
			httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
			httpServletResponse.setHeader("Access-Control-Max-Age", "0");
			httpServletResponse.setHeader("Access-Control-Allow-Headers",
					"Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token");
			httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
			httpServletResponse.setHeader("XDomainRequestAllowed", "1");
		}
		chain.doFilter(request, response);
	}

	@Override
	public void init(FilterConfig filterConfig) throws ServletException {
		String isCrossStr = filterConfig.getInitParameter("IsCross");
		isCross = isCrossStr.equals("true") ? true : false;
		System.out.println("跨域开启状态：" + isCrossStr);
	}
}

2、在web.xml文件中注册CrossingFilter过滤器

	CrossingFilter
	com.pmsapi.filter.CrossingFilter
	
		IsCross
		true
	


	CrossingFilter
	/*