List of usage examples for org.springframework.web.cors CorsConfiguration setAllowCredentials
public void setAllowCredentials(@Nullable Boolean allowCredentials)
From source file:org.jimsey.projects.turbine.condenser.security.SecuritySetup.java
/** * https://spring.io/guides/tutorials/spring-security-and-angular-js/ * // www . j a v a 2s. co m * "The browser tries to negotiate with our resource server to find out * if it is allowed to access it according to the Cross Origin Resource * Sharing protocol. Its not an Angular JS responsibility, so just like * the cookie contract it will work like this with all JavaScript in the * browser. The two servers do not declare that they have a common * origin, so the browser declines to send the request and the UI is broken. * * To fix that we need to support the CORS protocol which involves a * "pre-flight" OPTIONS request and some headers to list the allowed * behaviour of the caller." * * NOTE: With Spring Security, automatic registration is still expected * by spring Boot when annotated with @Bean but it DOES NOT WORK * Instead, this filter is registered in the configure() method above * http://stackoverflow.com/questions/31724994/spring-data-rest-and-cors */ public static CorsFilter newCorsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PUT"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:pl.szcze.userserviceproject.RestConfiguration.java
@Bean public FilterRegistrationBean corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("x-requested-with"); config.addAllowedHeader("x-auth-token"); config.addAllowedMethod("OPTIONS"); config.addAllowedMethod("HEAD"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PATCH"); config.setMaxAge(3600l);/* w w w .j a v a 2 s. co m*/ source.registerCorsConfiguration("/**", config); // return new CorsFilter(source); final FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); bean.setOrder(0); return bean; }
From source file:io.github.proxyprint.kitchen.WebAppConfig.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("PUT"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:com.meals.on.wheels.MealsOnWheelsApplication.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("POST"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:com.orange.clara.pivotaltrackermirror.config.AppConfig.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("*"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:com.todo.backend.config.WebConfiguration.java
@Bean @Profile("dev")//w w w . jav a2 s . c o m public CorsFilter corsFilter() { log.info("Initializing CORS filter..."); final CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("DELETE"); config.addAllowedMethod("OPTIONS"); config.setMaxAge(1800L); final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); source.registerCorsConfiguration("/api/**", config); source.registerCorsConfiguration("/v2/api-docs/**", config); return new CorsFilter(source); }
From source file:org.moserp.RestConfiguration.java
@Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); // you USUALLY want this config.addAllowedOrigin("*"); config.addAllowedHeader("*"); config.addAllowedMethod("*"); source.registerCorsConfiguration("/**", config); return new CorsFilter(source); }
From source file:me.jcala.xmarket.server.conf.RestConfig.java
/** * /*from ww w.j a v a 2 s . c om*/ */ @Bean public CorsFilter corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration configuration = new CorsConfiguration(); configuration.setAllowCredentials(true); configuration.addAllowedOrigin("*"); configuration.addAllowedHeader("*"); configuration.setAllowedMethods(Arrays.asList("GET", "PUT", "POST", "DELETE")); source.registerCorsConfiguration("/**", configuration); return new CorsFilter(source); }
From source file:org.opentestsystem.ap.iat.config.SecurityConfig.java
@Bean public FilterRegistrationBean corsFilter() { UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); CorsConfiguration config = new CorsConfiguration(); config.setAllowCredentials(true); config.addAllowedOrigin(ALL);//from ww w .j av a 2 s . c o m config.addAllowedHeader(ALL); config.addAllowedMethod(ALL); config.addAllowedMethod("GET"); config.addAllowedMethod("PUT"); config.addAllowedMethod("POST"); config.addAllowedMethod("OPTIONS"); source.registerCorsConfiguration("/**", config); FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source)); bean.setOrder(Ordered.HIGHEST_PRECEDENCE); return bean; }
From source file:org.springframework.web.socket.sockjs.support.AbstractSockJsService.java
@Override @Nullable// w w w .ja v a 2 s . c o m public CorsConfiguration getCorsConfiguration(HttpServletRequest request) { if (!this.suppressCors && CorsUtils.isCorsRequest(request)) { CorsConfiguration config = new CorsConfiguration(); config.setAllowedOrigins(new ArrayList<>(this.allowedOrigins)); config.addAllowedMethod("*"); config.setAllowCredentials(true); config.setMaxAge(ONE_YEAR); config.addAllowedHeader("*"); return config; } return null; }