0

I am trying to hit the rest service through Angular $http service, I am getting error like 

XMLHttpRequest cannot load
http://localhost:3000/SpringSecurity/utn/accounts/all. Response to
preflight request doesn't pass access control check: No 
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'null' is therefore not allowed access

Request in angular:

$http({
              method: 'GET',
              url: 'http://localhost:3000/SpringSecurity/utn/accounts/all',
              headers: {
                   'Content-type': 'application/json',
                   'Accept' : 'application/json',
                   "Access-Control-Allow-Origin" : "*",
                    "Access-Control-Allow-Methods" : "GET",
                    "Access-Control-Allow-Headers": "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"


                 }

            }).then(function successCallback(response) {

                console.log("Success");
                console.log(response);

              }, function errorCallback(response) {

                console.log("Error");
                console.log(response);

              });

HTML:

<script src="https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js"></script>

Spring Controller:

@RequestMapping(value = "/utn/accounts/all", method = RequestMethod.GET)
public ModelAndView utnAccountsAll(HttpServletRequest request,HttpServletResponse response) {

    System.out.println("Inside UTN Accounts method");
    ModelAndView model = new ModelAndView();
    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Methods", "GET");
    response.setHeader("Access-Control-Max-Age", "3600");
    response.setHeader("Access-Control-Allow-Headers", "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");


    model.addObject("message","Successss");
    model.setViewName("success");
    return model;

}
Ruslan
  • 14,229
  • 8
  • 49
  • 67
  • Enable CORS at server side. – Manish Singh Nov 15 '16 at 06:50
  • 1
    how have you configured websecurtiyconfigureradapter? – kuhajeyan Nov 15 '16 at 07:04
  • Enable CORS at the server side as @Manish told . And also allow preflight call : response.setHeader("Access-Control-Allow-Methods", "GET, OPTIONS"); – Sourav Mondal Nov 15 '16 at 07:43
  • How to enable CORS at server side? @ManishSingh –  Nov 16 '16 at 06:21
  • How to enable CORS at server side? @SouravMondal –  Nov 16 '16 at 06:22
  • Possible duplicate of [Getting request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource](http://stackoverflow.com/questions/33820142/getting-request-doesnt-pass-access-control-check-no-access-control-allow-orig) – Sikorski Nov 24 '16 at 06:08

1 Answers1

1

You need to enable CORS filter at server side. Add below code and annotate it with with @Configuration 

@Configuration
public class CorsFilter implements Filter {

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        final HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type");
        response.setHeader("Access-Control-Max-Age", "3600");

            chain.doFilter(req, res);

    }
    @Override
    public void destroy() {
    }    
   @Override
    public void init(FilterConfig config) throws ServletException {
    }
Nithyananth
  • 329
  • 2
  • 5
  • 17