cxf支持cors跨域

摘要：前台直接ajax请求后台webService服务，可能涉及跨域，是否同源，可以参考http://www.ruanyifeng.com/blog/2016/04/same-origin-policy.html 环境：spring+cxf 顺便把搭建cxf rest服务的一些代码配置也贴出来了

一.所需jar

<!-- cxf --> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-frontend-jaxrs</artifactId> <version>3.1.7</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-transports-http-jetty</artifactId> <version>3.1.7</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-rs-extension-providers</artifactId> <version>3.1.7</version> <scope>provided</scope> </dependency> <!--cors--> <dependency> <groupId>org.apache.cxf</groupId> <artifactId>cxf-rt-rs-security-cors</artifactId> <version>3.1.7</version> </dependency>

接口代码

@Produces({MediaType.APPLICATION_JSON + ";charset=UTF-8"}) @Path("/") public interface OssTokenService { /** * <p>APP请求临时oss秘钥</p> * @return 返回临时访问oss的秘钥信息 */ @GET @CrossOriginResourceSharing( allowAllOrigins = true, allowOrigins = { "*" }, allowCredentials = true ) @Path("/token") public String getToken(); }

上面的@CrossOriginResourceSharing cxf支持cors跨域的注解{ allowAllOrigins : true 为真，资源将被返回 allowCredentials : true 为真，资源将被返回 allowOrigins : 允许的访问资源 } 注意的是，这里只是对这个接口里的这一个方法生效，放接口类上是对所有方法生效

spring.xml配置代码

<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:osgi="http://www.springframework.org/schema/osgi" xmlns:osgix="http://www.springframework.org/schema/osgi-compendium" xmlns:cxf="http://cxf.apache.org/core" xmlns:jaxrs="http://cxf.apache.org/jaxrs" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://www.springframework.org/schema/osgi http://www.springframework.org/schema/osgi/spring-osgi.xsd http://www.springframework.org/schema/osgi-compendium http://www.springframework.org/schema/osgi-compendium/spring-osgi-compendium.xsd "> <context:annotation-config /> <context:component-scan base-package="com.yf.af.oss"/> <bean id="ossTokenService" class="com.yf.af.oss.service.impl.OssTokenServiceImpl" lazy-init="true" scope="singleton"> </bean> <!-- cxf --> <cxf:bus id="yfafOssBus"> <cxf:properties> <entry key="skip.default.json.provider.registration" value="true"/> <entry key="org.apache.cxf.jaxrs.bus.providers" value-ref="busProviders"/> </cxf:properties> <cxf:features> <cxf:logging/> </cxf:features> </cxf:bus> <util:list id="busProviders"> <ref bean="jsonProvider"/> </util:list> <bean id="jsonProvider" class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" /> <jaxrs:server address="/oss"> <jaxrs:serviceBeans> <list> <ref bean="ossTokenService"/> </list> </jaxrs:serviceBeans> <!--cxf cors--> <jaxrs:providers> <bean class="org.apache.cxf.rs.security.cors.CrossOriginResourceSharingFilter" > <property name="allowOrigins" value="*"> </property> </bean> <!--<bean class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider"></bean>--> </jaxrs:providers> </jaxrs:server> </beans>

测试：HTML页面ajax请求

<!DOCTYPE HTML> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>test HTML</title> <script type="text/javascript" src="jquery-1.8.3.js"></script> <script> $(document).ready(function(){ /*$.getJSON("url", { 参数：'值' }, function(json) { alert("1111"); });*/ $("p").click(function(){ var requestURL ="http://localhost:8181/cxf/oss/token; $.ajax({ type: "GET", url: requestURL, data: null, async: false, dataType: 'json', success: function(data) { alert(data); } }); }); }); </script> </head> <body> <p>click</p> </body> </body> </html>