Spring Data Rest and Cors

by

Indeed, before Spring Data REST 2.6 (Ingalls) only HandlerMapping instances created by Spring MVC WebMvcConfigurationSupport and controllers annotated with @CrossOrigin were CORS aware.

But now that DATAREST-573 has been fixed, RepositoryRestConfiguration now exposes a getCorsRegistry() for global setup and @CrossOrigin annotations on repositories are also recognized so this is the recommended approach. See https://stackoverflow.com/a/42403956/1092077 answer for concrete examples.

For people that have to stick to Spring Data REST 2.5 (Hopper) or previous versions, I think the best solution is to use a filter based approach. You could obviously use Tomcat, Jetty or this one, but be aware that Spring Framework 4.2 also provides a CorsFilter that use the same CORS processing logic that @CrossOrigin and addCorsMappings(CorsRegistry registry) approaches. By passing an UrlBasedCorsConfigurationSource instance to the CorsFilter constructor parameter, you could easily get something as powerful as Spring native CORS global support.

If you are using Spring Boot (which supports Filter beans), it could be something like:

@Configuration
public class RestConfiguration {

    @Bean
    public FilterRegistrationBean corsFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration().applyPermitDefaultValues();
        source.registerCorsConfiguration("/**", config);
        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
        bean.setOrder(0);
        return bean;
    }
}

More Related Contents:

  1. CORS allowed-origin restrictions aren’t causing the server to reject requests
  2. Disable Spring Security for OPTIONS Http Method
  3. Expose all IDs when using Spring Data Rest
  4. How to get active user’s UserDetails
  5. Add context path to Spring Boot application
  6. How to serve .html files with Spring
  7. Sending message to specific user on Spring Websocket
  8. How to manage REST API versioning with spring?
  9. How does the Spring @ResponseBody annotation work?
  10. Spring MVC: How to return custom 404 errorpages?
  11. Serializing enums with Jackson
  12. Spring get current ApplicationContext
  13. Spring Boot and custom 404 error page
  14. How to include js and CSS in JSP with spring MVC
  15. How to implement pagination in Spring MVC 3 [closed]
  16. Parsing JSON in Spring MVC using Jackson JSON
  17. Multipart File upload Spring Boot
  18. How to get the current logged in user object from spring security?
  19. Why does Spring MVC need at least two contexts?
  20. how to display custom error message in jsp for spring security auth exception
  21. Spring 3.0 MVC binding Enums Case Sensitive
  22. How to return JSON data from spring Controller using @ResponseBody
  23. Autowired gives Null value in Custom Constraint validator
  24. Can you completely disable CORS support in Spring?
  25. Why SpringMVC Request method ‘GET’ not supported?
  26. Return a stream with Spring MVC’s ResponseEntity
  27. Could not open ServletContext resource [/WEB-INF/applicationContext.xml]
  28. What are annotations and how do they actually work for frameworks like Spring?
  29. java.lang.ClassNotFoundException: org.springframework.web.servlet.DispatcherServlet error
  30. Spring MVC: How to modify json response sent from controller

Leave a Comment