Reputation: 433
How to properly deploy an Angular 2 app with a Java backend?
The scenario is this: I'm developing a Java EE application with an Angular 2 frontend. The client has an Apache server which is usually used to serve static resources and an Oracle Weblogic for the dynamic part. The problem is that by default the Angular 2 App and the Weblogic server will not be able to talk each other due to the Same Origin Policy.
So far I have 3 possible deployment approaches in mind:
Set up a Reverse Proxy in Apache to point the REST endpoints to Weblogic
Package the Angular App in a WAR/EAR and deploy it to Weblogic. So I would end up with something like: myserver/myapp for the UI and myserver/myapp-rest for the Backend.
Package the Angular App in the same WAR as the Java backend. So I would end up with myserver/myapp for the UI and myserver/myapp/api for the REST endpoints.
There is a 4th option which would be setting up CORS, but I'm worried about the security using that approach.
Which is the right approach?
Upvotes: 1
Views: 1230
Answers (1)
Reputation: 1456
If you are allowed to make infra decisions , change apache webserver to nginx , we switched to nginx and got lot of added values in terms of concurrent processing. In our project the angular client is served by nginx webserver which talks to java backend hosted on tomcat 8.x(our app server) , also there are couple of tiers after app-server a separate DB server and an elastic search server.
Don't feel intimidated to set up CORS, you will eventually need to allow some origins requests which don't originate on your domain and port.
If your java tech stack has spring mvc , then setting up CORS is just a matter of adding few lines of configuration. You can even hardcode your angular url to allow backend server to serve requests only from your angular URL. In normal JavaEE world, CORS is just another filter or interceptor where you can set response headers with all the allowed origins, http methods etc. It's very simple you can look it up.
For your given choices
- seems plausible and a value addition that you get is you can delegate SSL encryption to proxy server .
- seems rather odd, you would want to separate the static content server from dynamic contents server, your angular js bundles, assets etc are mostly static, if you keep your static server separate then you can configure cookie-less domains down the line that would make serving a lot faster.
3 same as 2.
I would strongly suggest the CORS option , from my past experiences.
Upvotes: 1
Related Questions
- Deploy Spring boot and angular project to weblogic 12c
- AngularJS/HTML(Frontend) and Java RESTful Service(Backend) Hosting
- Packaging an Angular project as a webapp with Maven
- Java backend + Angular 2 (or higher) frontend
- Best Practice:Deploying Angular App and Spring REST Api
- Implement an AngularJS front-end to a Spring back-end
- Angular 2 with existing Java application
- How to set an angular2 app up so that it can access a local rest service?
- What is correct approach to build REST angular application?
- Deploying Jersey based Restful webservice in Weblogic 12c