CORS header in response REST-API call (SOLVED)

jannes

Another party is using our exposed webservices.
They say : the browser needs a CORS header in the response of the REST-API call.

Therefore I added these lines in
..AwareIM\TomCat\webapps\AwareIM\WEB-INF\web.xml
and
..AwareIM\TomCat\conf\web.xml

<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

But no result yet.

How to do this ?
Which web.xml should be altered ?

regards
Jannes

jannes

It is solved by adding in ..AwareIM\TomCat\conf\web.xml (replace <mysite> in your own url(s) ) :

<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>https://www.apache.org, https://www.<mysite>.nl, http://scanner.<mysite>.nl</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

Now the app can use the webservice.

It is not necessary to restart AwareIM or reboot the server.