CORS issue comes while calling Angular7 application using Ajax call from another application

Question

I am having one application A, from where I have created jQuery Ajax request to open Application B in Popup of App A. App B build in Angular 7, the request goes to App B but facing below issue

Access to XMLHttpRequest at 'http://localhost:4200/Primary' from origin 'http://localhost:9090' has been blocked by CORS policy: Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response.

I have configure proxyconfig in Angular 7 app, added proxy.conf.json but I think it is not correct approach as it is used for Angular 7 UI to node services.

jQuery.ajax({
  url: "http://localhost:4200/Primary", //pp.vars.web + "/" + "modelbinitializerequest",
  type: "GET",
  beforeSend: function(xhr) {
    xhr.setRequestHeader('Access-Control-Allow-Headers', 'authorization,content-type,access-control-allow-origin,X-Requested-With,content-type');
    xhr.setRequestHeader('Access-Control-Allow-Origin', '*');
    xhr.setRequestHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    xhr.setRequestHeader('Access-Control-Allow-Credentials', true);
  },
  success: function(data) {
    console.log(data);
    var overlay = document.createElement("div"),
      mask = document.createElement("div"),
      overlayStyle = "overlayStyleCSS close_buttonCSS";
    maskStyle = "position:absolute;width:100%;height:320%;top:0;left:0;z-index:4000;background-color:#030303;opacity:0.3;filter:alpha(opacity=30);display:inline-block; *display:inline; *zoom:1;";
    overlay.setAttribute("class", overlayStyle);
    overlay.style.cssText = overlayStyle;
    overlay.id = "pluginLoadingOverlay";
    mask.setAttribute("style", maskStyle);
    mask.style.cssText = maskStyle;
    mask.id = "pluginLoadingOverlayMask";
    overlay.innerHTML = data;
    document.body.appendChild(mask);
    document.body.appendChild(overlay);
  }
});

I think if CORS issue goes solved then I can able to open App B angular 7 app in pop up.

Angular 7 App B i.e. 'http://localhost:4200/Primary' hosted on NPM and http://localhost:9090 on jetty server.

I did try Angular 7 App B deployed on Tomcat server with the configure the headers in web.xml in conf folder as below, but still issue not solved.

conf/web.xml

<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
  <init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>*</param-value>
  </init-param>
  <init-param>
    <param-name>cors.allowed.methods</param-name>
    <param-value>GET,POST,PUT,DELETE,HEAD,OPTIONS</param-value>
  </init-param>
  <init-param>
    <param-name>cors.allowed.headers</param-name>
    <param-value>Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
  </init-param>
  <init-param>
    <param-name>cors.exposed.headers</param-name>
    <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>