CODEWITHSUNDEEP
springangularjsspring-mvcgrailsspring-security
Piyusha Jadhav
Piyusha Jadhav

Reputation: 141

Spring security REST API

I'm using Spring Security REST Api with grails and AngularJS. And I tried the url request with postman and it is working fine. It is returning results back with used x-auth-token. But the same i tried with AngularJs but it not going further that OPTION request. here it shows that my request is being processed up to OPTION request only. below is the image which shows what I tried in POSTMAN. It gives the results and works fine with x-auth-token.

I have integrated spring security plugin as following. And it is working for "api/login" but further it fails.

in 1st image here it shows that my request is being processed up to OPTION request only. in 2nd image, shows what I tried in POSTMAN. It gives the results and works fine with x-auth-token. in 3rd image, I have integrated spring security plugin as following. And it is working for "api/login" but further it fails. the 4th image shows the detail response for OPTION request and then it fails to go further. 4th

I have written grunt connect method as following

connect: {
options: {
port: 9000,
// Change this to '0.0.0.0' to access the server from outside.
hostname: 'localhost',
livereload: 35729
},
proxies: [
{
context: '/crm/api',
host: 'localhost',
port: 8080
}
],
livereload: {
options: {
open: true,
base: [
'.tmp',
'<%= yeoman.app %>'
]
}
},
test: {
options: {
port: 9001,
base: [
'.tmp',
'test',
'<%= yeoman.app %>'
]
}
},
dist: {
options: {
base: '<%= yeoman.dist %>'
}
}
}

Still I have the same error.

Upvotes: 3

Views: 1334

Answers (2)

TheKojuEffect
TheKojuEffect

Reputation: 21081

As explained by agerco, the issue is cross domain issue.

For the solution, refer to this Spring Guide : Enabling Cross Origin Requests for a RESTful Web Service.

As explained in above guide, you'll need to add a Filter bean in your application context.

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;

@Component
public class SimpleCORSFilter implements Filter {

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) res;
        response.setHeader("Access-Control-Allow-Origin", "localhost:9000"); // Client URL
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
        chain.doFilter(req, res);
    }

    public void init(FilterConfig filterConfig) {}

    public void destroy() {}

}

Upvotes: 2

Austin Greco
Austin Greco

Reputation: 33544

This is a cross-domain issue.

Your webpage is on localhost:9000 and your backend is localhost:8080. These are technically 2 different domains, so you will need to either enable cross origin requests, or use a proxy to make requests forward to port 8080.

It looks like you're using grunt, so I would suggest setting up the proxy. I use grunt-connect-proxy to setup forwarding to my backend port:

connect: {
  options: {
    port: 9000,
    hostname: 'localhost',
    livereload: 35729
  },
  proxies: [
    {
      context: '/crm/api',
      host: 'localhost',
      port: 8080
    }
  ]
}

Upvotes: 2

Related Questions