Spring Boot CORS No 'Access-Control-Allow-Origin' header is present

Question

My Spring Boot Rest API is secured by JWT token. I have the following CORS setting

@Bean
public WebMvcConfigurer corsConfigurer() {
return new WebMvcConfigurerAdapter() {
@Override
public void addCorsMappings(CorsRegistry registry) {  registry.addMapping("/api/**").allowedMethods("*").allowedOrigins("*").maxAge(3600);}};
}

and in security config

httpSecurity.authorizeRequests().antMatchers("/api/public/**").permitAll();
        httpSecurity.authorizeRequests().antMatchers(HttpMethod.OPTIONS, "/api/**").permitAll();
        httpSecurity.antMatcher("/api/**").authorizeRequests().anyRequest().authenticated().and().exceptionHandling()
                .authenticationEntryPoint(restAuthenticationEntryPoint)

Now I am able to authenticate and get JWT token, get , post data from my angular 2 app running in different domain. Now I want to handle token expiry by catching HTTP status 401. I do get status 401 from spring boot, when token expired. But 401 error does not reach angular, because browser complains about CORS

Failed to load http://ipaddress:8010/api/sy/code/findAll?page=0: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access. The response had HTTP status code 401

how to configure spring boot to send Access-control-Allow-origin for 401. I do have allow allowedOrigins("*") configuration. but that does not seem to work. Any help.

check this https://stackoverflow.com/a/35092082/2708210 might help — Rahul Singh, Oct 25 '17 at 17:55
This helped https://stackoverflow.com/a/41000211/1057094 thanks — Mukun, Oct 26 '17 at 05:05

Spring Boot CORS No 'Access-Control-Allow-Origin' header is present

0 Answers0