I use WSO2is 5.7.0 with my angular 6 app, i tried make api call from my app but i have a cors error: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at
I already activated the cors enabled in oauth and authenticationendpoint, i edited de WEB-INF/web.xml
of both webapps with this lines:
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>*</url-pattern>
</filter-mapping>
In authenticationendpoint i copy the cors libraries from oauth to authenticationendpoint webapps in lib folder and edited the pom.xml file with this lines:
<dependency>
<groupId>com.thetransactioncompany.wso2</groupId>
<artifactId>cors-filter</artifactId>
<version>1.7.0.wso2v1</version>
</dependency>
After this, restart the service, i and have the same problem Cross-Origin Request Blocked
in my angular app service i make the request as follow:
const httpHeaders = {
headers: new HttpHeaders()
.set('Content-Type', 'application/x-www-form-urlencoded')
.set('Access-Control-Allow-Origin', '*')
};
this.http.post<any>(`http://localhost:9443/commonauth`, payload, httpHeaders)
i think is neccesary enable cors support from tomcat but i don't know how do that, What other alternatives do I have besides enabling cors?
My sources:
https://docs.wso2.com/display/IS570/Invoking+an+Endpoint+from+a+Different+Domain
https://hasanthipurnima.blogspot.com/2016/05/applying-cors-filter-to-wso2-identity.html
The endpoint you are trying to invoke is registered as a servlet inside the Identity Server and you need to configure the web.xml file in repository/conf/tomcat/carbon/WEB-INF/
to apply the headers to your endpoint.
You can add the org.apache.catalina.filters.CorsFilter
to the above-mentioned file to allow the required domains. More info can be found from tomcat documentation. Sample config would look like below.
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>https://www.somedomain.com</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/commonauth</url-pattern>
</filter-mapping>