Springboot配置跨域问题

Access to XMLHttpRequest at 'http://xxxxxx' from origin 'http://localhost:8081' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

跨域问题，后台SpringBoot+Shiro，跨域时GET会发起Options请求，若对Options进行session检查拦截会有问题，因为不会携带token等参数，需要对其过滤不进行处理，需要改动两处：
1.SpringMVC增加response设置

@Component
public class WebInterceptor extends HandlerInterceptorAdapter {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        //允许api跨域
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, DELETE,OPTIONS");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "*");

        String method= request.getMethod();

        if (method.equals("OPTIONS")){
            response.setStatus(200);
            return false;
        }
        return true;
    }
}

2.Shiro增加配置，不对OPTIONS进行拦截，同时对于无效会话直接输出json参数，不能通过redirect跳转到别的url输出，否则在浏览器调试时也不支持

public class MyAuthenticationFilter extends FormAuthenticationFilter {
    @Override
    protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {

        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
	    String method= httpServletRequest.getMethod();
	    //跨域时OPTIONS请求，此时不会带着token，若跳转就不对了。
	    if (method.equals("OPTIONS")){
		return ;
	    }

	    //WebUtils.issueRedirect(request, response, "/api/nologin");
	    //此处不不能redirect，跨域不能用
	    //API过期，返回过期json
	    JSONObject json = new JSONObject();
	    json.put("code", 2);
	    json.put("msg", "登录会话失效，请重新登录");

	    render((HttpServletResponse) response, "text/plain;charset=UTF-8", json.toString());

        
    }

    public void render(HttpServletResponse response, String contentType,
                       String text) {

        response.setContentType(contentType);
        response.setHeader("Pragma", "No-cache");
        response.setHeader("Cache-Control", "no-cache");
        response.setDateHeader("Expires", 0);

        try {
            response.getWriter().write(text);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        if (httpRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
            return true;
        }

        return super.preHandle(request,response);
    }
}

MyAuthenticationFilter 需要配置到Shiro配置文件中
map.put("/api/**","user");

    Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();
    filters.put("user", new MyAuthenticationFilter());
    shiroFilterFactoryBean.setFilters(filters);