Skip to main content

Setting up Access-Control-Allow-Origin for CORS support

3 replies [Last post]
john.brock
Offline
Joined: 2011-04-06

I have REST services running in a Glassfish 3 instance which is acting as the HTTP server as well. When a jQuery client, coming from a page on another server, it is encountering the following error:

XMLHttpRequest cannot load http:///rest/Depts. Origin http://localhost is not allowed by Access-Control-Allow-Origin.

Based on the draft W3C standard, Cross Origin Resource Sharing (CORS), the server responds to client requests with an "Origin" header with a "Access-Control-Allow-Origin" header:

http://www.w3.org/TR/cors/

Does Glassfish have support for this and or is it planned for the future? From my examination of the admin console, I didn't seen an HTTP configuration parameter that mapped to something like this.

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
houssemzaier
Offline
Joined: 2013-11-25

I have the same problem today with Glassfish 4, JEE7.
Any help? please .

john.brock
Offline
Joined: 2011-04-06

While I never did find an answer for this directly in the Glassfish Admin pages, I was able to add the CORS servlet filter to my server code by using a NetBeans feature that allows you to add this via a wizard.

Cross-Origin Resource Sharing Filter wizard is found under the Web Services section of the New gallery.

Hope that helps

houssemzaier
Offline
Joined: 2013-11-25

Thank you for this idea . I 've tried it when I was downloading a tutorial with netbeans .. and it didn't work .
Damn I hated this GlassFish.
Did it work with you case ?
I mean are you able to solve this problem using the glassfish 4 and netbeans?
May be I should re-install my server.
I am waiting for the wildfly, it will solve all the problems... it's coming ..