Cross-Origin Resource Sharing with Spring Security

Question

I\'m trying to make CORS play nicely with Spring Security but it\'s not complying. I made the changes described in this article and changing this line in applicationCo

Answer 1

In my case, response.getWriter().flush() was't working

Changed the code as below and it started working

public void doFilter(ServletRequest request, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {

    LOGGER.info("Start API::CORSFilter");
    HttpServletRequest oRequest = (HttpServletRequest) request;
    HttpServletResponse response = (HttpServletResponse) res;
    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Methods", "POST,PUT, GET, OPTIONS, DELETE");
    response.setHeader("Access-Control-Max-Age", "3600");
    response.setHeader("Access-Control-Allow-Headers",
            " Origin, X-Requested-With, Content-Type, Accept,AUTH-TOKEN");
    if (oRequest.getMethod().equals("OPTIONS")) {
        response.flushBuffer();
    } else {
        chain.doFilter(request, response);
    }
}