When I invoke my service via Angular2 using http.post
request, I get
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.
My JAX-RS service
@Override @POST @Path("/getWsCallReports") @Produces(MediaType.APPLICATION_JSON) public Response getWsCallReports(Query query) { try { LOG.info("getWsCallReports called for " + query); return Response.status(200) .header("Access-Control-Allow-Origin", "*") .header("Access-Control-Allow-Headers", "origin, content-type, accept, authorization") .header("Access-Control-Allow-Credentials", "true") .header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD") .header("Access-Control-Max-Age", "1209600").entity(wsCallReportDao.getReports(query)).build(); } catch (Exception e) { return Response.serverError().build(); } }
Also I've tried to add simple HTTP filter that defines all necessary headers for all requests
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletResponse response = (HttpServletResponse) servletResponse; // TODO: development only response.addHeader("Access-Control-Allow-Origin", "*"); response.addHeader("Access-Control-Allow-Headers", "origin, content-type, accept, authorization"); response.addHeader("Access-Control-Allow-Credentials", "true"); response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD"); response.addHeader("Access-Control-Max-Age", "1209600"); filterChain.doFilter(servletRequest, servletResponse); }
but it didn't help. What am I doing wrong?