I've implemented CORS for my Spring MVC application. The following is in my Web.xml:
<filter>
<filter-name>simpleCORSFilter</filter-name>
<filter-class>com.tcs.filters.SimpleCORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>simpleCORSFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
After consulting CORS with spring-boot and angularjs not working I implemented a SimpleCORSFilter.java
class
And now I implemented the following in a Spring-security.xml file:
<http
use-expressions="true" auto-config="false" create-session="stateless"
disable-url-rewriting="true" entry-point-ref="entryPoint"
authentication-manager-ref="authenticationManager">
<bean id="entryPoint" class="com.tcs.web.EntryPoint" />
But when it is executing it's not calling the class below for either the "wrong/incorrect"-password case or the correct-password case.
So, CORS configuration is blocking the call to this, but if I remove CORS, it is calling UnauthorizedEntryPoint.
Could you let know how to properly call this?
public class EntryPoint implements AuthenticationEntryPoint{
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
throws IOException, ServletException{
// here some custom code about user like values etc
String userid = request.getParameter("userId")
response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
"Unauthorized: Authentication token was either missing or invalid.");
}
}
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…