CORS JAVA (ERROR)

4

I'm trying to connect to an API that was made in Java, but I always get the error when trying to connect (I want to feed a mobile application, done in JS / Cordova).

When I connect (via Browser) I get it, the API returns and everything works normal, but when I install the app on the mobile phone, error 401. I talked to several people, and it seems to be CORS error. The problem is that the API was not the one I developed, so I asked for the code that releases the CORS before coming here. and he gave it to me here.

<filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>CorsFilter</filter-name>
    <url-pattern> /* </url-pattern>
</filter-mapping>

Can anyone tell me if it's right? or what is the best way to do it?

    
asked by anonymous 06.06.2017 / 20:56

2 answers

4

A filter to release CORS would look like this:

@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
    HttpServletResponse response = (HttpServletResponse) res;
    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
    response.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
    chain.doFilter(req, response);
}

Since it's using Apache CorsFilter, I think it's missing something.

It would be something like:

<filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>*</param-value>
    </init-param>
    <init-param>
        <param-name>cors.allowed.methods</param-name>
        <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
    </init-param>
    <init-param>
        <param-name>cors.allowed.headers</param-name>
        <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
    </init-param>
    <init-param>
       <param-name>cors.exposed.headers</param-name>
       <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
    </init-param>
    <init-param>
        <param-name>cors.support.credentials</param-name>
        <param-value>false</param-value>
    </init-param>
    <init-param>
        <param-name>cors.preflight.maxage</param-name>
        <param-value>10</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CorsFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Source: Using CORS Headers with JAVA

    
08.06.2017 / 21:44
2

So I understand you're probably building an application made with Ionic and debugging the app through chrome. If this is your scenario there is an alternative that easily solves your problem just by installing a plugin. CORS plugin: link

Just install and activate the plugin and you will no longer have problems. I hope I have helped

    
09.06.2017 / 16:00