Closed hezhijun closed 10 years ago
iainporter
commented
10 years ago All /v1.0/\ requests go through the Jersey servlet. The configuration for it is in a class called com.porterhead.RestResourceApplication
The Jersey CORS filter is registered in that class:
ContainerResponseFilter filter = rootCtx.getBean(JerseyCrossOriginResourceSharingFilter.class);All requests via /v1.0/* will be filtered through that CORS filter.
I have a client app that you can use to test it out:
hezhijun
commented
10 years ago iainporter, thanks for your quick response. I am actually using SpingMVC instead of Jersey. Seems very time the client sends a CORS request to /v1.0/**, it first sends an OPTIONS request, it is the OPTIONS request that can not be authenticated.
hezhijun
commented
10 years ago I temporarily solved this problem by only applying resource-server filter to GET and POST request to /v1.0/**. Anyway, thanks very much.
Hi, this is not an issue, this is just a question, can you help me, thanks in advance. You added CORS filter to /oauth/token, that works, but do you know how to add CORS filter to resources (/v1.0/**). I always got this: Remote Address:[::1]:8080 Request URL:http://localhost:8080/v1.0/xxx Request Method:OPTIONS Status Code:401 Unauthorized