由于項(xiàng)目是對老系統(tǒng)進(jìn)行技術(shù)升級改造,需要很長一段時(shí)間才會(huì)改造完畢,在改造過程為了不影響客戶使用份帐,所以決定在新系統(tǒng)不斷改造的過程中,依然可以訪問老系統(tǒng)词疼,就是將老系統(tǒng)的頁面嵌套見新系統(tǒng)俯树,在嵌套的過程中遇到如下問題:當(dāng)新系統(tǒng)拿著用戶信息登陸進(jìn)老系統(tǒng),老系統(tǒng)的頁面成功嵌套進(jìn)新系統(tǒng)贰盗,但是在此點(diǎn)擊老系統(tǒng)里面的功能時(shí)许饿,彈出老系統(tǒng)的登陸界面。
1.認(rèn)為是兩個(gè)系統(tǒng)寫在cookie中的jessionId沖突了舵盈,隨即修改一個(gè)系統(tǒng)的jessionId名稱陋率,但是問題依然存在。
2.在新系統(tǒng)訪問舊系統(tǒng)的時(shí)候秽晚,在舊系統(tǒng)添加過濾器代碼帶上Access-Control-Allow-Origin頭信息解決跨域問題瓦糟。
?
后臺添加過濾器
public void doFilter(ServletRequest servletRequest,
? ? ? ? ServletResponse servletResponse, FilterChain filterChain)
? ? ? ? throws IOException, ServletException {
? ? ? // TODO Auto-generated method stub
? ? ? ? //log.info("Adding Access Control Response Headers");
? ? ? ? HttpServletResponse response = (HttpServletResponse) servletResponse;
? ? ? // String origin =((HttpServletRequest) servletRequest).getHeader("Origin");
? ? ? String origin ="http://localhost:8080";
? ? ? ? response.setHeader("Access-Control-Allow-Origin", origin);
? ? ? ? response.setHeader("Access-Control-Allow-Credentials", "true");
? ? ? ? response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, HEAD, OPTIONS");
? ? ? ? response.setHeader("Access-Control-Allow-Headers",
? ? ? ? ? ? ? ? "X-Requested-With, Origin, Accept, X-Request-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Date, Server, Cache-Control, withCredentials, AccessToken, User-Agent");
? ? ? ? response.setHeader("P3P", "CP=\"ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI\"");
? ? ? ? HttpServletRequest request = (HttpServletRequest) servletRequest;
? ? ? ? if ( request.getMethod().equals( "OPTIONS" ) ) {
? ? ? ? ? ? (response).setStatus(HttpServletResponse.SC_OK);
? ? ? ? ? ? return;
? ? ? ? }
? ? ? ? filterChain.doFilter(request, response);
? ? }
?
