最近我已經(jīng)介紹了智威湯遜驗(yàn)證我的Springboot和基于Angualr2應(yīng)用。在There中，我嘗試通過在Angualr代碼中傳遞JWT令牌來(lái)發(fā)出POST請(qǐng)求save(jobId: number, taskId: number, note: Note) {   return this.http.post(environment.APIENDPOINT + '/jobs/' + jobId + '/tasks/' + taskId + '/notes', note, this.setHeaders()).map((response: Response) => response.json());}private setHeaders() {        // create authorization header with jwt token        let currentUser = JSON.parse(localStorage.getItem('currentUser'));        console.log("Current token---"+ currentUser.token);        if (currentUser && currentUser.token) {  let headers = new Headers();  headers.append('Content-Type', 'application/json');  headers.append('authorization','Bearer '+ currentUser.token);               let r = new RequestOptions({ headers: headers })   return r;        }    }但是在服務(wù)器端，它返回狀態(tài)碼401。問題是在Springboot端，它如下所示檢查授權(quán)標(biāo)頭，并返回nullString authToken = request.getHeader("authorization ");然后，我看了一眼請(qǐng)求頭，它具有在訪問控制請(qǐng)求報(bào)頭的授權(quán)頭下面。但是它對(duì)服務(wù)器端不可見。然后，我進(jìn)一步閱讀，發(fā)現(xiàn)這可能與CORS配置有關(guān)。所以我修改了我的CORS配置過濾器，使其具有addExposedHeader，如下所示@Beanpublic CorsFilter corsFilter() {    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();    CorsConfiguration config = new CorsConfiguration();    config.setAllowCredentials(true);    config.addAllowedOrigin("*");    config.addAllowedHeader("*");    config.addExposedHeader("authorization");    config.addAllowedMethod("OPTIONS");    config.addAllowedMethod("GET");    config.addAllowedMethod("POST");    config.addAllowedMethod("PUT");    config.addAllowedMethod("DELETE");    //config.addExposedHeader("Content-Type");    source.registerCorsConfiguration("/**", config);    return new CorsFilter(source);}服務(wù)器仍然抱怨找不到授權(quán)頭。我在這里想念任何東西嗎？感謝您的幫助