2017-06-14 14 views

Spring + AngularJS + Tomcat 9.0 でPUTリクエストを送信すると403エラーが発生します。[カートに追加]をクリックすると、次のエラーが表示されます。

PUT http://localhost:8080/emusicstore/rest/cart/add/97 403()

viewProduct.jsp

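<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<%@ include file="/WEB-INF/views/template/header.jsp" %>
<%--
  Product detail page: renders the "product" model attribute and hosts the AngularJS
  cartApp / cartCtrl controller that drives the "Add To Cart" button.

  Product fields are written with <c:out>, which XML-escapes the value. A bare ${...}
  in template text is emitted as-is, so markup stored in a product name or description
  would otherwise be rendered into the page.
--%>
<div class="container-wrapper">
<div class="container">
    <div class="page-header">
        <h1>Product Detail</h1>

        <p class="lead">Here is the detail information of the product!</p>
    </div>

    <div class="container" ng-app="cartApp">
        <div class="row">
            <div class="col-md-5">
                <img src="<c:url value="/resources/images/${product.productId}.png" />" alt="image"
                     style="width:100%"/>
            </div>

            <div class="col-md-5">
                <h3><c:out value="${product.productName}" /></h3>
                <p><c:out value="${product.productDescription}" /></p>
                <p>
                    <strong>Manufacturer</strong> : <c:out value="${product.productManufacturer}" />
                </p>
                <p>
                    <strong>Category</strong> : <c:out value="${product.productCategory}" />
                </p>
                <p>
                    <strong>Condition</strong> : <c:out value="${product.productCondition}" />
                </p>
                <h4><c:out value="${product.productPrice}" /> USD</h4>

                <br>

                <%--
                  "role" comes from the request parameter and is therefore chosen by the
                  client. It only selects the target of the Back link; access to /admin/**
                  has to be enforced on the server.
                  The test uses "==": a single "=" is not a comparison in EL.
                --%>
                <c:set var="role" scope="page" value="${param.role}" />
                <c:set var="url" scope="page" value="/productList" />
                <c:if test="${role == 'admin'}">
                    <c:set var="url" scope="page" value="/admin/productInventory" />
                </c:if>

                <p ng-controller="cartCtrl">
                    <a href="<c:url value="${url}" />" class="btn btn-default">Back</a>
                    <%-- productId is placed inside a JavaScript string literal; presumably it is
                         numeric (the cart controller parses it as a Long) - confirm before
                         reusing this pattern for free-text values. --%>
                    <a href="#" class="btn btn-warning btn-large"
                       ng-click="addToCart('${product.productId}')"><span
                            class="glyphicon glyphicon-shopping-cart"></span>Add To Cart</a>
                    <a href="<c:url value="/cart"/>" class="btn btn-default"><span class="glyphicon glyphicon-hand-right"></span>View Cart</a>
                </p>
            </div>
        </div>
    </div>

    <%-- The two outer <div> elements are not closed in this listing, as in the original post. --%>

    <script src="<c:url value="/resources/js/controller.js" />"></script>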

controller.js

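// AngularJS module and controller behind the cart buttons.
var cartApp = angular.module("cartApp", []);

// Forward Spring Security's CSRF token on every $http call when the page exposes it
// through <meta name="_csrf"> / <meta name="_csrf_header"> tags. Without the token,
// Spring Security rejects PUT/DELETE with 403 when CSRF protection is enabled.
// When the tags are absent this block does nothing.
cartApp.run(function ($http) {
    var tokenTag = document.querySelector('meta[name="_csrf"]');
    var headerTag = document.querySelector('meta[name="_csrf_header"]');
    if (tokenTag && headerTag) {
        $http.defaults.headers.common[headerTag.getAttribute("content")] =
            tokenTag.getAttribute("content");
    }
});

cartApp.controller("cartCtrl", function ($scope, $http) {

    var cartUrl = '/emusicstore/rest/cart/';

    // Reloads $scope.cart from the server. Does nothing until initCartId() has stored
    // a cart id, so pages that never call initCartId() do not request ".../cart/undefined".
    $scope.refreshCart = function () {
        if (!$scope.cartId) {
            return;
        }
        $http.get(cartUrl + encodeURIComponent($scope.cartId)).then(function (response) {
            $scope.cart = response.data;
        });
    };

    // Deletes the cart, then refreshes. The refresh is wrapped in a function so that it
    // runs after the DELETE completes; the original invoked refreshCart immediately and
    // handed its (undefined) return value to the callback slot.
    $scope.clearCart = function () {
        $http.delete(cartUrl + encodeURIComponent($scope.cartId)).then(function () {
            $scope.refreshCart();
        });
    };

    // Stores the cart id supplied by the page and loads that cart.
    $scope.initCartId = function (cartId) {
        $scope.cartId = cartId;
        $scope.refreshCart();
    };

    // Adds one product to the caller's cart. The endpoint answers 204 No Content,
    // so there is no response body to read.
    $scope.addToCart = function (productId) {
        $http.put(cartUrl + 'add/' + encodeURIComponent(productId)).then(function () {
            // The original passed the promise of a GET on the literal path ".../cart/cartId"
            // to refreshCart, which ignored it.
            $scope.refreshCart();
            alert("Product successfully added to the cart!");
        });
    };

    // Removes one product from the caller's cart, then refreshes the view.
    $scope.removeFromCart = function (productId) {
        $http.put(cartUrl + 'remove/' + encodeURIComponent(productId)).then(function () {
            $scope.refreshCart();
        });
    };

});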

CartController.java

package com.store.emusicstore.controller; 

    import java.util.logging.Logger; 


    import javax.servlet.http.HttpServletRequest; 


    import org.apache.commons.logging.Log; 

    import org.springframework.beans.factory.annotation.Autowired; 

    import org.springframework.http.HttpStatus; 

    import org.springframework.stereotype.Controller; 

    import org.springframework.web.bind.annotation.CrossOrigin; 

    import org.springframework.web.bind.annotation.ExceptionHandler; 

    import org.springframework.web.bind.annotation.PathVariable; 

    import org.springframework.web.bind.annotation.RequestBody; 

    import org.springframework.web.bind.annotation.RequestMapping; 

    import org.springframework.web.bind.annotation.RequestMethod; 

    import org.springframework.web.bind.annotation.ResponseBody; 

    import org.springframework.web.bind.annotation.ResponseStatus; 


    import com.store.emusicstore.dao.CartDao; 

    import com.store.emusicstore.dao.ProductDao; 

    import com.store.emusicstore.model.Cart; 

    import com.store.emusicstore.model.CartItem; 

    import com.store.emusicstore.model.Product; 



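    /**
     * REST endpoints for the shopping cart, mounted under {@code /rest/cart}.
     *
     * <p>{@code addItem} and {@code removeItem} key the cart by the caller's HTTP session id.
     * {@code read}, {@code update} and {@code delete} take the cart id from the URL instead.
     *
     * <p>NOTE(review): the PUT and DELETE mappings change state. If the Spring Security filter
     * chain in front of this controller has CSRF protection enabled (its configuration is not
     * visible here), clients must send the CSRF token with these requests, otherwise they are
     * rejected with 403 before reaching this class.
     */
    @Controller
    @RequestMapping("/rest/cart")
    public class CartController {

        private static final Logger LOGGER = Logger.getLogger(CartController.class.getName());

        @Autowired
        private CartDao cartDao;

        @Autowired
        private ProductDao productDao;

        /**
         * Returns the cart stored under {@code cartId}.
         *
         * <p>NOTE(review): the id is taken from the URL and is not compared with the caller's
         * session. Since the other handlers use the session id as the cart key, this presumably
         * puts session ids into request URLs (and access logs); consider resolving the cart from
         * the session here as well.
         *
         * @param cartId cart key from the path
         * @return whatever {@code cartDao.read} returns for that key
         */
        @RequestMapping(value = "/{cartId}", method = RequestMethod.GET)
        public @ResponseBody Cart read(@PathVariable(value = "cartId") String cartId) {
            return cartDao.read(cartId);
        }

        /**
         * Replaces the cart stored under {@code cartId} with the request body.
         *
         * <p>NOTE(review): no ownership check, see {@code read}.
         *
         * @param cartId cart key from the path
         * @param cart   replacement cart deserialized from the request body
         */
        @RequestMapping(value = "/{cartId}", method = RequestMethod.PUT)
        @ResponseStatus(value = HttpStatus.NO_CONTENT)
        public void update(@PathVariable(value = "cartId") String cartId, @RequestBody Cart cart) {
            cartDao.update(cartId, cart);
        }

        /**
         * Deletes the cart stored under {@code cartId}.
         *
         * <p>NOTE(review): no ownership check, see {@code read}.
         *
         * @param cartId cart key from the path
         */
        @RequestMapping(value = "/{cartId}", method = RequestMethod.DELETE)
        @ResponseStatus(value = HttpStatus.NO_CONTENT)
        public void delete(@PathVariable(value = "cartId") String cartId) {
            cartDao.delete(cartId);
        }

        /**
         * Adds one product to the cart of the current HTTP session, creating the session and
         * the cart when they do not exist yet. Responds 204 with no body.
         *
         * @param productId product id from the path; must parse as a {@code Long}
         * @param request   current request, used only to obtain the session id
         * @throws IllegalArgumentException if the id is not numeric ({@code NumberFormatException}
         *         is a subclass) or no such product exists; mapped to 400 by
         *         {@code handleClientErrors}
         */
        @RequestMapping(value = "/add/{productId}", method = RequestMethod.PUT)
        @ResponseStatus(value = HttpStatus.NO_CONTENT)
        public void addItem(@PathVariable(value = "productId") String productId, HttpServletRequest request) {
            LOGGER.fine("Inside addItem()");
            String sessionId = request.getSession(true).getId();
            Cart cart = cartDao.read(sessionId);
            if (cart == null) {
                cart = cartDao.create(new Cart(sessionId));
            }

            // Parse once so the error message carries the numeric id, not raw path text.
            Long id = Long.valueOf(productId);
            Product product = productDao.getProductById(id);
            if (product == null) {
                throw new IllegalArgumentException("No product with id " + id);
            }

            cart.addCartItem(new CartItem(product));

            cartDao.update(sessionId, cart);
        }

        /**
         * Removes one product from the cart of the current HTTP session. Responds 204 with no body.
         *
         * @param productId product id from the path
         * @param request   current request, used only to obtain the session id
         * @throws IllegalArgumentException if the product or the session's cart does not exist;
         *         mapped to 400 by {@code handleClientErrors}
         */
        @RequestMapping(value = "/remove/{productId}", method = RequestMethod.PUT)
        @ResponseStatus(value = HttpStatus.NO_CONTENT)
        public void removeItem(@PathVariable Long productId, HttpServletRequest request) {
            String sessionId = request.getSession(true).getId();
            Cart cart = cartDao.read(sessionId);

            Product product = productDao.getProductById(productId);
            if (product == null || cart == null) {
                throw new IllegalArgumentException(
                        "No cart for this session or no product with id " + productId);
            }

            cart.removeCartItem(new CartItem(product));

            cartDao.update(sessionId, cart);
        }

        /**
         * Maps {@link IllegalArgumentException} to 400 with a fixed reason phrase, so the
         * exception message is not sent to the client.
         *
         * @param e the exception raised by a handler
         */
        @ExceptionHandler(IllegalArgumentException.class)
        @ResponseStatus(value = HttpStatus.BAD_REQUEST, reason = "Illegal request, please verify your payload")
        public void handleClientErrors(Exception e) {
            LOGGER.log(java.util.logging.Level.FINE, "Rejected cart request", e);
        }

        /**
         * Maps every other exception to 500 with a fixed reason phrase. The failure is logged
         * server-side; previously it was discarded, which left a 500 with no trace of its cause.
         *
         * @param e the exception raised by a handler
         */
        @ExceptionHandler(Exception.class)
        @ResponseStatus(value = HttpStatus.INTERNAL_SERVER_ERROR, reason = "Internal Server")
        public void handleServerErrors(Exception e) {
            LOGGER.log(java.util.logging.Level.SEVERE, "Unhandled error in cart endpoint", e);
        }

    }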

web.xml

<?xml version="1.0" encoding="UTF-8"?> 

<!-- The definition of the Root Spring Container shared by all Servlets 
    and Filters --> 
<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value>/WEB-INF/spring/root-context.xml</param-value> 
</context-param> 

<!-- Creates the Spring Container shared by all Servlets and Filters --> 
<listener> 
    <listener-class>org.springframework.web.context.ContextLoaderListener 
    </listener-class> 
</listener> 


<!-- Processes application requests. Mapped to "/", so this servlet handles the
     /rest/cart/... URLs called by the page. --> 
<servlet> 
    <servlet-name>appServlet</servlet-name> 
    <servlet-class>org.springframework.web.servlet.DispatcherServlet 
    </servlet-class> 
    <init-param> 
     <param-name>contextConfigLocation</param-name> 
     <param-value>/WEB-INF/spring/appServlet/servlet-context.xml 
     </param-value> 
    </init-param> 
    <load-on-startup>1</load-on-startup> 
</servlet> 

<servlet-mapping> 
    <servlet-name>appServlet</servlet-name> 
    <url-pattern>/</url-pattern> 
</servlet-mapping> 



<!-- Declared before springSecurityFilterChain, so multipart bodies are parsed before
     Spring Security sees the request. That lets a CSRF token sent as a form field be
     read from multipart requests; the trade-off is that uploads are parsed before any
     security check has run. -->
<filter> 
    <display-name>springMultipartFilter</display-name> 
    <filter-name>springMultipartFilter</filter-name> 
    <filter-class>org.springframework.web.multipart.support.MultipartFilter 
    </filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>springMultipartFilter</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 
<!-- Every request, including PUT /rest/cart/add/{productId}, passes through Spring
     Security. The security configuration itself is not shown in this listing; if CSRF
     protection is enabled there, a PUT, POST or DELETE without a valid CSRF token is
     answered with 403 before it reaches the controller. -->
<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy 
    </filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

これを解決するために試したものの、うまくいかなかったこと:

<?xml version="1.0" encoding="UTF-8"?> 

<!-- NOTE(review): this listing contains servlet and filter declarations (deployment
     descriptor content), not Spring bean or security configuration. -->
<!-- The definition of the Root Spring Container shared by all Servlets 
    and Filters --> 
<context-param> 
    <param-name>contextConfigLocation</param-name> 
    <param-value>/WEB-INF/spring/root-context.xml</param-value> 
</context-param> 

<!-- Creates the Spring Container shared by all Servlets and Filters --> 
<listener> 
    <listener-class>org.springframework.web.context.ContextLoaderListener 
    </listener-class> 
</listener> 


<!-- Processes application requests --> 
<servlet> 
    <servlet-name>appServlet</servlet-name> 
    <servlet-class>org.springframework.web.servlet.DispatcherServlet 
    </servlet-class> 
    <init-param> 
     <param-name>contextConfigLocation</param-name> 
     <param-value>/WEB-INF/spring/appServlet/servlet-context.xml 
     </param-value> 
    </init-param> 
    <load-on-startup>1</load-on-startup> 
</servlet> 

<servlet-mapping> 
    <servlet-name>appServlet</servlet-name> 
    <url-pattern>/</url-pattern> 
</servlet-mapping> 



<!-- Multipart parsing is mapped to all URLs and declared ahead of the security filter. -->
<filter> 
    <display-name>springMultipartFilter</display-name> 
    <filter-name>springMultipartFilter</filter-name> 
    <filter-class>org.springframework.web.multipart.support.MultipartFilter 
    </filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>springMultipartFilter</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 
<!-- Spring Security filter chain, mapped to all URLs; its rules are defined elsewhere. -->
<filter> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy 
    </filter-class> 
</filter> 
<filter-mapping> 
    <filter-name>springSecurityFilterChain</filter-name> 
    <url-pattern>/*</url-pattern> 
</filter-mapping> 

ルートのcontext.xml:

  1. Tomcatのweb.xmlで `readonly` をfalseに設定しました。
  2. ルートコンテキスト(root-context.xml)の `<security:http>` 要素内に `<security:csrf disabled="true"/>` を追加して、CSRF保護を無効にしました。
  3. CorsFilterを追加しました。

    <filter> 
    <!-- NOTE(review): cors.allowed.origins set to * lets pages from any origin call this
         application cross-origin. The failing request shown above is same-origin (the page
         and /emusicstore/rest/cart are both served from localhost:8080), so CORS is
         presumably not involved in the 403. Prefer listing the specific trusted origins,
         or omit this filter. The fragment is truncated in the original post. -->
    <filter-name>CorsFilter</filter-name> 
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> 
    <init-param> 
        <param-name>cors.allowed.origins</param-name> 
        <param-value>*</param-value> 
    </init-param> 
    <init-param> 
        <param-name>cors.allowed.headers</param-name> 
        <param-value>Content-Type,X-Requested-With,accept,authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value> 
    </init-param> 
    <init-param> 
    <param-name>cors.allowed.methods</param-name> 
    <param-value>GET, POST, PUT, DELETE, OPTIONS, HEAD</param-value> 
    

それでも、PUTリクエスト送信時の403エラーは解消できていません。


正しいファイルを掲載してください。掲載されている root-context.xml はSpringの設定ファイルには見えません。 –

答えて


これが原因かどうかは分かりませんが、コードを読んだ限りでは次の点が気になります。JS側:

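// Adds one product to the cart, then reloads the cart view.
$scope.addToCart = function (productId) {
    $http.put('/emusicstore/rest/cart/add/' + productId).success(function (data) {
        // The endpoint answers 204 No Content, so `data` is empty here; that by itself
        // does not cause an error.
        // Refresh with the cart id already held in scope. The original passed the promise
        // of a GET on the literal path ".../cart/cartId" instead of an id.
        $scope.refreshCart($scope.cartId);
        alert("Product successfully added to the cart!");
    });
};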

そしてJava側:

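/**
 * Adds one product to the cart of the current HTTP session, creating the session and the
 * cart when they do not exist yet. Responds 204 with no body.
 *
 * @param productId product id from the path; must parse as a {@code Long}
 * @param request   current request, used only to obtain the session id
 * @throws IllegalArgumentException if the id is not numeric ({@code NumberFormatException}
 *         is a subclass) or no such product exists
 */
@RequestMapping(value = "/add/{productId}", method = RequestMethod.PUT)
@ResponseStatus(value = HttpStatus.NO_CONTENT)
public void addItem(@PathVariable(value = "productId") String productId, HttpServletRequest request) {
    // The cart is keyed by the servlet session id.
    String sessionId = request.getSession(true).getId();
    Cart cart = cartDao.read(sessionId);
    if (cart == null) {
        cart = cartDao.create(new Cart(sessionId));
    }

    // Parse once so the error message carries the numeric id, not raw path text.
    Long id = Long.valueOf(productId);
    Product product = productDao.getProductById(id);
    if (product == null) {
        throw new IllegalArgumentException("No product with id " + id);
    }

    cart.addCartItem(new CartItem(product));

    cartDao.update(sessionId, cart);
}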

Java側はレスポンスにデータを返していませんが、JS側のコールバック関数はデータを受け取る前提になっています。

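通常、403はマッピングの誤りかセキュリティ設定が原因です。Spring Securityのフィルタチェーンを通している場合、CSRF保護が有効なままPUT/POST/DELETEにCSRFトークンが付いていないと403になるのが典型的なケースです。その場合はCSRF保護を無効にするのではなく、リクエストヘッダーにトークンを付けて送るのが本来の対処です。なお、Tomcatの `readonly` はDefaultServletに対するPUT/DELETE(ファイルの書き込み・削除)を許可する設定で、DispatcherServletが処理するこのリクエストには関係しないため、既定値のtrueに戻しておくべきです。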
