Missing Authorization header in Angular 7 HTTP response
Accessing an API back-end from Angular client may result in missing response headers. A common scenario is a missing Authorization header, containing the JSON Web Token (JWT) which is returned from the back-end service when the user logs in successfully. The solution to the problem is to expose the desired header in the back-end code (notice that the Authorization header is not exposed by default). In the case of a Spring Boot back-end, we need to add the following line of code:
response.addHeader("Access-Control-Expose-Headers", "Authorization");
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
FilterChain chain, Authentication authResult) throws IOException, ServletException {
String token = JWT.create()
.withSubject(((User) authResult.getPrincipal()).getUsername())
.withExpiresAt(new Date(System.currentTimeMillis() + EXPIRATION_TIME))
.sign(HMAC512(SECRET.getBytes()));
response.addHeader("Access-Control-Expose-Headers", "Authorization");
response.addHeader(HEADER_STRING, TOKEN_PREFIX + token);
}
Letzte Beiträge
Share :
Share :
Weitere Beiträge

MVVM and its implementation in Android
Writing application code before thinking about an architecture is a really bad idea. Android programming does not make a difference. Everybody who starts creating Android apps begins doing so without following a specific architecture.

6 Fragen an unseren Geschäftsführer Dimitar
Heute möchten wir euch Dimitar vorstellen, einen unserer zwei Geschäftsführer bei der DiSC. Er ist Spezialist für Mobile Netzwerke, Java Backend, Java Enterprise Edition sowie für Java Spring Boot

MVVM’s Model implementation in Android application. Room
As we said in the previous article Model is the data in our application. These are classes representing objects that we persist in our database or that we get from network calls to services.