I am using Angular6 as FrontEnd running on http:// localhost:4200and Spring Boot (which has in built Tomcat server) as backend (exposing a GET Rest API) running on https:// localhost:8083/ldap. When I run this, I am getting CORS policy error on the browser. So I searched on internet and tried multiple fixes which were suggested on internet. I am not sure what I am missing on each of the solution below.

我使用 Angular6 作为在http:// localhost:4200上运行的前端，使用Spring Boot（内置 Tomcat 服务器）作为在https:// localhost:8083/ldap上运行的后端（暴露 GET Rest API） 。当我运行它时，我在浏览器上收到 CORS 策略错误。所以我在互联网上搜索并尝试了互联网上建议的多个修复程序。我不确定我在下面的每个解决方案中缺少什么。

Unsuccessful Fix 1:I tried to run it via proxy.
-> Created a proxy.config.json in parallel to package.json with below content.
{
   "/ldap/": {
   "target": "https://localhost:8083",
   "secure": false,
   "logLevel": "debug",
   "changeOrigin": true
 }
}
-> Added below entry in package.json inside script block there.
"start":"ng serve --proxy-config proxy.config.json",

-> In the service class, tried calling my spring boot backend rest API like below.
return this.http.get('/ldap');
Now when I run my app, I got below error:

GET http:// localhost:4200/ldap 404 (Not Found) : zone.js:3243


Unsuccessful Fix 2:I added below headers before calling the Rest API in my frontend.
getUserAuthenticatedFromLDAP() {
  const httpOptions = {
    headers: new HttpHeaders({
    'crossDomain': 'true',
    'mode' : 'cors',
    'allowCredentials': 'true',
    'origins': '',
    'allowedHeaders': '',
    'Access-Control-Allow-Origin': '',
    'Access-Control-Allow-Methods': 'GET',
    'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept',
    'Access-Control-Max-Age': '86400'
 
    })
    };
 
    return this.http.get('https://localhost:8083' , httpOptions);
}
 

不成功的修复 1：我尝试通过代理运行它。
-> 创建了一个与 package.json 并行的 proxy.config.json 并包含以下内容。
{
   "/ldap/ ": {
   "target": " https://localhost:8083",
   "secure": false,
   "logLevel": "debug",
   "changeOrigin": true
 }
}
-> 在包中添加以下条目.json 里面的脚本块。
"start":"ng serve --proxy-config proxy.config.json",

-> 在服务类中，尝试调用我的spring boot backend rest API，如下所示。
返回 this.http.get('/ldap');
现在当我运行我的应用程序时，

GET http:// localhost:4200/ldap 404 (Not Found) : zone.js:3243


Unsuccessful Fix 2:在我的前端调用 Rest API 之前，我在下面添加了标题。
getUserAuthenticatedFromLDAP() {
  const httpOptions = {
    headers: new HttpHeaders({
    'crossDomain': 'true',
    'mode': 'cors',
    'allowCredentials': 'true',
    'origins': '',
    'allowedHeaders': ' ',
    'Access-Control-Allow-Origin': '',
    'Access-Control-Allow-Methods': 'GET',
    'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept',
    'Access-Control-Max-Age': '86400'
 
    })
    };
 
    返回 this.http.get(' https://localhost:8083' , httpOptions);
}
 

Access to XMLHttpRequest at 'https://localhost:8083/' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

从源“ http://localhost:4200”访问“ https://localhost:8083/”的XMLHttpRequest已被 CORS 策略阻止：对预检请求的响应未通过访问控制检查：它没有 HTTP ok地位。

Unsuccessful Fix 3:Rather than making changes at front end, I tried to make changes at API level by adding below code at controller level.

不成功的修复 3：我没有在前端进行更改，而是尝试通过在控制器级别添加以下代码来在 API 级别进行更改。

@Controller
@CrossOrigin(origins = "http://localhost:4200")
public class WelcomeController {

@Controller
@CrossOrigin(origins = " http://localhost:4200")
公共类 WelcomeController {

// This is for LDAP Authentication
@GetMapping("/ldap")
@ResponseBody
public Authentication hello() {
    return LdapSecurity.getAuthentication();
}

}

}

Here I am getting below error again:

在这里，我再次遇到以下错误：

Access to XMLHttpRequest at 'https://localhost:8083/' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

从源“ http://localhost:4200”访问“ https://localhost:8083/”的XMLHttpRequest已被 CORS 策略阻止：对预检请求的响应未通过访问控制检查：它没有 HTTP ok地位。

More unsuccessful fixes:

更多不成功的修复：

I even tried to change headers of Tomcat using application.properties file but could not find sufficient example or piece of code to make any change.
On internet, some people suggested to implement filter on API level but I am not sure that in whcih class I need to add those overriden filter method.
I am stuck in this issue for last 2 days.

PS: I see some people have implemented CORS filter at API layer or implemented class like below. Now my question is if I implement below class then where do I need to refer this class ? Is it web.xml or any other place.

我什至尝试使用 application.properties 文件更改 Tomcat 的标头，但找不到足够的示例或代码段来进行任何更改。
在互联网上，有些人建议在 API 级别实现过滤器，但我不确定在哪个类中我需要添加那些覆盖的过滤器方法。
我被困在这个问题上 2 天了。

PS：我看到有些人在 API 层实现了 CORS 过滤器或实现了如下所示的类。现在我的问题是，如果我在类下面实现，那么我需要在哪里引用这个类？是 web.xml 还是其他任何地方。

@Configuration   @EnableWebSecurity  
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {  

@Configuration @EnableWebSecurity  
公共类 WebSecurityConfig 扩展了 WebSecurityConfigurerAdapter {