Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default CORS support in web.xml #523

Closed
nynymike opened this issue May 6, 2017 · 3 comments
Closed

Default CORS support in web.xml #523

nynymike opened this issue May 6, 2017 · 3 comments
Assignees
@aliaksander-samuseu
Labels
enhancement libs update, re-factroring, etc.
Milestone
CE 3.0.2

Comments

@nynymike
Copy link
Contributor

nynymike commented May 6, 2017

We should update the filter element in oxauth's web.xml to support CORS by default.
@nynymike nynymike added the enhancement libs update, re-factroring, etc. label May 6, 2017
@nynymike nynymike added this to the CE 3.0.2 milestone May 6, 2017
@qbert2k
Copy link
Contributor

qbert2k commented May 17, 2017

CORS must be configured in oxAuth Configuration (LDAP)

    "corsConfigurationFilters": [
        {
            "filterName": "CorsFilter",
            "corsAllowedOrigins": "*",
            "corsAllowedMethods": "GET,POST,HEAD,OPTIONS",
            "corsAllowedHeaders": "Origin,Authorization,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers",
            "corsExposedHeaders": "",
            "corsSupportCredentials": true,
            "corsLoggingEnabled": false,
            "corsPreflightMaxAge": 1800,
            "corsRequestDecorate": true
        }
    ]

@willow9886
Copy link
Contributor

willow9886 commented May 26, 2017
edited
Loading

@qbert2k @aliaksander-samuseu is this issue resolved?

@aliaksander-samuseu
Copy link
Contributor

aliaksander-samuseu commented May 29, 2017
edited
Loading

@nynymike @qbert2k @willow9886

CORS configuration is moved to LDAP in 3.0.2 and correct configuration is loaded by filter successfully now. Javier also updated default filter settings to include "Authorization" header (commit). Default configuration is enough to support implicit flow out-of-the-box now, closing the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aliaksander-samuseu aliaksander-samuseu

Labels
enhancement libs update, re-factroring, etc.
Projects
None yet
Milestone
CE 3.0.2
Development

No branches or pull requests
4 participants
@qbert2k @nynymike @willow9886 @aliaksander-samuseu