Community Learn Tools Library Leisure
search
English
Home > Web Front-end > JS Tutorial > How to Properly Configure CORS in Spring Boot with Spring Security?

How to Properly Configure CORS in Spring Boot with Spring Security?

Linda Hamilton
Release: 2024-11-27 00:17:10
Original
277 people have browsed it

How to Properly Configure CORS in Spring Boot with Spring Security?

CORS Configuration in Spring Boot and Spring Security

When using Spring Boot and Spring Security while supporting CORS, certain configuration issues can arise, leading to unexpected results.

One such issue is encountered when making a GET request with XMLHttpRequest and using CORS support, where a 200 status code is returned despite incorrect authentication credentials. This behavior introduces discrepancies in handling HTTP status codes on the front-end.

Solution

To resolve this problem, it is crucial to explicitly enable CORS support in Spring Security. This is accomplished by setting up CORS in Spring Security, which enables it to leverage Spring MVC CORS configuration.

For applications using @CrossOrigin annotations at the controller level, simply enabling Spring Security CORS support will suffice. The code below demonstrates this:

@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and()...
    }
}
Copy after login

For users opting for global CORS configuration, it is necessary to define a CorsConfigurationSource bean.

@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and()...
    }

    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
        return source;
    }
}
Copy after login

By utilizing this approach, CORS support is effectively enabled in Spring Boot and Spring Security, addressing the issue where the proper CORS headers were not being added during authentication checks. Refer to the official Spring Security documentation on CORS for further details.

The above is the detailed content of How to Properly Configure CORS in Spring Boot with Spring Security?. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Previous article:Why Does \"Uncaught ReferenceError: function is not defined\" Occur with Onclick Attributes, and How Can I Fix It? Next article:Why Does a 200 OK Ajax Response Sometimes Trigger an Error Event?
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...
From 2024-04-29 11:01:01
0
3
2064
How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?
From 2024-04-23 00:22:19
0
11
2225
The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.
From 2024-04-19 15:37:47
0
1
1872
There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...
From 2024-04-18 23:52:34
0
1
1753
Where is the courseware about CSS mind mapping? Courseware
From 2024-04-16 10:10:18
0
0
1785
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template