Spring MVC 4.2+ CORS returning 403

Question

I have created a fresh and simple Spring MVC application (used 4.2.1.Release, now switched to 4.2.7.Release). The app is simple:

WEB.XML:


        proxy
        org.springframework.web.servlet.DispatcherServlet
    1

    
        dispatchOptionsRequest
        true
    
    
        contextConfigLocation
        classpath*:my-cool-context.xml
            

   
    proxy
    /*

Context:

And the controller

@Controller
@RequestMapping("/")
@CrossOrigin
public class MySupercoolController {
    @CrossOrigin
    @RequestMapping(path="test", method = RequestMethod.POST)
    @ResponseBody   
    private ResponseEntity executePostProxy(HttpServletRequest request){
         return new ResponseEntity("TEST", HttpStatus.OK);
    }
}

Now - the controller itself is working and returns my text, so the controller is loaded into context. But the preflightRequest for that endpoint is getting 403 Forbidden response, and the CORS response heaeders are not set. I am using JBOSS, but I have verified that the OPTIONS request get to Spring (the FrameworkServlet doOptions method is being executed, checked via debugger). Is there anything else I should configure for CORS in spring MVC?

BTW The context CORS config and Annotation config - I tried to make it work so I tried with xml, annotations and both.

maslan · Accepted Answer

It appears, that this is also necessary:

@Configuration
@EnableWebMvc
public class WebConfig extends WebMvcConfigurerAdapter {
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**");
    }
}

Spring MVC 4.2+ CORS returning 403

Answers (1)

Related Questions