CORS: AngularJS + Resteasy 3 + Wildfly
I am developing an application using AngularJS and Resteasy. As expected, I ran into a known issue
XMLHttpRequest cannot load http://localhost:8080/..... No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. The response had HTTP status code 403.
As you can see from other posts [1] , I tried using the Restaasy CorsFilter from the Feature object, but I get:
[33m02:06:57,883 WARN [org.jboss.resteasy.core.ExceptionHandler] (default task-1) failed to execute: javax.ws.rs.ForbiddenException: Origin not allowed: http://localhost:3000
at org.jboss.resteasy.plugins.interceptors.CorsFilter.checkOrigin(CorsFilter.java:194)
at org.jboss.resteasy.plugins.interceptors.CorsFilter.filter(CorsFilter.java:134)
My CorsFeature object :
@Provider
public class CorsFeature implements Feature {
@Override
public boolean configure(FeatureContext context) {
CorsFilter corsFilter = new CorsFilter();
corsFilter.getAllowedOrigins().add("*");
context.register(corsFilter);
return true;
}
}
In web.xml, I added:
<context-param>
<param-name>resteasy.providers</param-name>
<param-value>org.jboss.resteasy.plugins.interceptors.CorsFilter</param-value>
</context-param>
I see that when I comment out this context parameter, I do not get the above exception and the response status is 200, not 403.
In angular config I added:
$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];
I know it is possible to create a node.js proxy, but I would like to tackle this the hard way. Can you please help me overcome this big obstacle in life?
Thank:)
Edit later: I was able to do this by annotating the (CorsFeature) si @Component feature class. So the application context is aware of this.
source to share
Solution for Wildfly
- edit
standalone.xml
:
configuration
<subsystem xmlns="urn:jboss:domain:undertow:3.0">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
<filter-ref name="Access-Control-Allow-Origin"/>
<filter-ref name="Access-Control-Allow-Methods"/>
<filter-ref name="Access-Control-Allow-Headers"/>
<filter-ref name="Access-Control-Allow-Credentials"/>
<filter-ref name="Access-Control-Max-Age"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/10"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
<response-header name="Access-Control-Allow-Origin" header-name="Access-Control-Allow-Origin" header-value="*"/>
<response-header name="Access-Control-Allow-Methods" header-name="Access-Control-Allow-Methods" header-value="GET, POST, OPTIONS, PUT"/>
<response-header name="Access-Control-Allow-Headers" header-name="Access-Control-Allow-Headers" header-value="accept, authorization, content-type, x-requested-with"/>
<response-header name="Access-Control-Allow-Credentials" header-name="Access-Control-Allow-Credentials" header-value="true"/>
<response-header name="Access-Control-Max-Age" header-name="Access-Control-Max-Age" header-value="1"/>
</filters>
</subsystem>
- reboot Wildfly
source to share