2016. 11. 18. 16:05ㆍ99. 정리전 - IT/11. Java
SpringFW in RESTful setting
RequestFilter.java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.nimigate.framework.web.servlet.filter.AbstractRequestWrappingFilter;
public class RequestFilter extends AbstractRequestWrappingFilter {
@Override
public void preChain(ServletRequest request, ServletResponse response) {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
//ajax cross domain 문제
//res.setHeader("Accept", "*/*");
//res.setHeader("Access-Control-Allow-Origin", "*");
//res.setHeader("Access-Control-Max-Age", "3600");
if (req.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(req.getMethod())) {
res.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
//res.setHeader("Access-Control-Expose-Headers", "x-mslp-access-token");
res.setHeader("Access-Control-Allow-Headers", "Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,x-mslp-access-token");
}
}
web.xml
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials,x-mslp-access-token</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,x-mslp-access-token</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET, POST, PUT, DELETE, HEAD, OPTIONS</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>