//網站A跨域訪問網站B的某個方法並返回
//這是網站A的後臺
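/**
 * Site A endpoint: relays a login attempt to the URL named by the {@code basePath}
 * request parameter and writes that URL's answer back to the caller.
 *
 * <p>Reads {@code basePath}, {@code username} and {@code password} from the request,
 * passes them to {@code login_}, and prints the text it returns. If the upstream call
 * throws for any reason, a JSON object with {@code "error":true} is written instead, so
 * a failed or unreachable upstream is never reported to the client as a successful login.
 *
 * @param request  incoming request carrying the three parameters above
 * @param response response the relayed (or fallback) body is written to
 * @throws IOException if the response writer cannot be obtained or written
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws IOException {
    response.setCharacterEncoding("utf-8");
    // The body below is relayed from a URL chosen by the caller. Declaring it as JSON and
    // forbidding content sniffing keeps a browser from rendering relayed markup as a page
    // in this site's origin.
    response.setContentType("application/json");
    response.setHeader("X-Content-Type-Options", "nosniff");
    // NOTE(review): "*" lets a script on any origin call this endpoint and read the result.
    // If only site A's own pages use it, drop the header or name those origins explicitly.
    response.setHeader("Access-Control-Allow-Origin", "*");

    String json_string;
    try {
        // NOTE(review): basePath comes straight from the request and decides both where this
        // server connects (server-side request forgery) and where the submitted password is
        // sent. It should come from server configuration or be checked against an allowlist
        // of site B URLs; no such list is visible in this listing.
        String basePath = request.getParameter("basePath");
        String username = request.getParameter("username");
        // getParameter also reads the query string; a password sent that way ends up in
        // access logs, so clients should submit it in a POST body.
        String password = request.getParameter("password");
        json_string = login_(basePath, username, password);
    } catch (Exception e) {
        // Fail closed: any upstream failure is reported as an error. The exception text is
        // deliberately not echoed to the client; record it with the application's logger.
        json_string = "{\"mes\":null,\"error\":true}";
    }
    response.getWriter().print(json_string);
}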
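/**
 * Posts {@code username} and {@code password} as a URL-encoded form body to
 * {@code basePath} and returns the response body decoded as UTF-8.
 *
 * @param basePath absolute http(s) URL of the remote login endpoint
 * @param userName user name to submit; must not be {@code null}
 * @param password password to submit; must not be {@code null}
 * @return the remote response body as text
 * @throws IllegalArgumentException if {@code userName} or {@code password} is {@code null}
 * @throws Exception if the URL is malformed, is not an HTTP(S) URL, or the exchange fails
 */
public String login_(String basePath, String userName, String password) throws Exception {
    if (userName == null || password == null) {
        // Without this a missing password would be sent as the literal text "null".
        throw new IllegalArgumentException("userName and password are required");
    }
    // NOTE(review): the caller decides basePath, and the password travels to it in clear
    // form text. Restrict basePath to known https:// endpoints before calling this method.
    // No connect/read timeout is set and the response is buffered without a size cap;
    // both are worth bounding for an outbound call made on behalf of a web request.
    URL realUrl = new URL(basePath);
    HttpURLConnection conn = (HttpURLConnection) realUrl.openConnection();
    try {
        conn.setRequestMethod("POST");
        conn.setDoOutput(true); // a request body will be written

        // Both values are percent-encoded: a raw '&', '=', '+' or '%' in the password
        // would otherwise be read as extra or altered form fields by the receiver.
        String form = "username=" + URLEncoder.encode(userName, "utf-8")
                + "&password=" + URLEncoder.encode(password, "utf-8");
        // Explicit charset so the bytes do not depend on the platform default.
        byte[] body = form.getBytes("utf-8");
        try (java.io.OutputStream out = conn.getOutputStream()) {
            out.write(body);
        }

        ByteArrayOutputStream outStream = new ByteArrayOutputStream();
        try (InputStream inStream = conn.getInputStream()) {
            byte[] buffer = new byte[1024];
            int len;
            while ((len = inStream.read(buffer)) != -1) {
                outStream.write(buffer, 0, len);
            }
        }
        // Decode as UTF-8 so non-ASCII text in the JSON answer survives.
        return new String(outStream.toByteArray(), "utf-8");
    } finally {
        // Releases the connection even when the exchange throws part-way through.
        conn.disconnect();
    }
}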
//這是網站B中被跨域訪問的方法
//接收從網站A傳過來的用戶名和密碼,驗證用戶名密碼是否正確並返回結果
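// Shared serializer used to turn the login result into JSON.
private static final ObjectMapper objectMapper = new ObjectMapper();

/**
 * Site B endpoint: checks the submitted {@code username}/{@code password} against the
 * current Shiro subject and writes a {@code LoginMessage} as JSON.
 *
 * <p>The result starts as {@code error = true} and is cleared only when the session is
 * already authenticated or {@code login} succeeds. Passing {@code isdemo=true} forces a
 * credential check even when the session is already authenticated. Failure messages are
 * fixed strings: exception text is not sent to the client, because it can reveal whether
 * an account exists and expose internal details.
 *
 * @param request  request carrying {@code username}, {@code password} and optional {@code isdemo}
 * @param response response the JSON result is written to
 * @throws ServletException declared by the servlet contract; not thrown by this body
 * @throws IOException if the result cannot be serialized or written
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    LoginMessage lm = new LoginMessage();
    lm.error = true; // fail closed: only a verified login clears this

    if (!"true".equals(request.getParameter("isdemo")) && SecurityUtils.getSubject().isAuthenticated()) {
        lm.mes = "當前會話已經是驗證通過了的.";
        lm.error = false;
    } else if (Strings.isNullOrEmpty(username) || Strings.isNullOrEmpty(password)) {
        lm.mes = "用戶名或密碼不能爲空.";
    } else {
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            SecurityUtils.getSubject().login(token);
            lm.error = false;
        } catch (AuthenticationException e) {
            // One message for every authentication failure (unknown account, wrong
            // password, locked account) so the answer cannot be used to tell them apart.
            lm.mes = "用戶密碼不正確.";
        } catch (Exception e) {
            // Details stay on the server; prefer the application's logger where one exists.
            e.printStackTrace();
            lm.mes = "登錄失敗.";
        }
    }

    response.setCharacterEncoding("utf-8");
    // Declare the body as JSON so a browser never interprets it as a page.
    response.setContentType("application/json");
    // NOTE(review): this endpoint verifies passwords, and "*" lets a script on any origin
    // submit attempts and read the answer. The server-to-server call from site A needs no
    // CORS header; if browsers must call this directly, list the trusted origins instead.
    // No attempt limiting is visible here; confirm that a filter or the realm provides it.
    response.setHeader("Access-Control-Allow-Origin", "*");
    PrintWriter out = response.getWriter();
    out.println(objectMapper.writeValueAsString(lm)); // plain JSON, not JSONP
    out.flush();
    out.close();
}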
/**
 * Result object for the login endpoint. It is serialized with the shared ObjectMapper,
 * so the public field names are presumably the JSON keys the client sees; confirm the
 * mapper is not configured otherwise.
 */
static class LoginMessage {
// Message shown to the caller; stays null when login() succeeds without setting one.
public String mes;
// true while the attempt has not been verified; set to false only on success.
public boolean error;
}