25

I have a RESTful webservice which will return string and it was written in Java (JAX-WS). My problem is when I send request to that webservice with URL like :

http://localhost:8080/project/webservices/getlist/getListCustomers

In the console it's giving me the error message below:

XMLHttpRequest cannot load url Origin localhost is not allowed by Access-Control-Allow-Origin

How can I handle this issue?

Java code:

@GET
@Path("/getsample")
public Response getMsg() { 
    String output = "Jersey say : " ;   
    return Response.status(200).entity(output).build();
}
Improve this question
1
  • You mean JAX-RS. JAX-WS is a SOAP. Commented May 27, 2020 at 14:40

1 Answer 1

Reset to default
46

Read here about your issue CORS : http://enable-cors.org/

Check if this one help you in your getMsg() method:
return Response.ok(output).header("Access-Control-Allow-Origin", "*").build();

If above doesn't work try to add Jersey filter to your service. Create filter class:

package your.package;

public class CORSFilter implements ContainerResponseFilter {

    @Override
    public ContainerResponse filter(ContainerRequest creq, ContainerResponse cresp) {

        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Origin", "*");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Credentials", "true");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS, HEAD");
        cresp.getHttpHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With");

        return cresp;
    }
}

And register later win web.xml with:

<servlet>
<servlet-name>CORS Filter</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
 <init-param>
    <param-name>com.sun.jersey.spi.container.ContainerResponseFilters</param-name>
    <param-value>your.package.CORSFilter</param-value>
 </init-param>
</servlet>
<servlet-mapping>
    <servlet-name>CORS Filter</servlet-name>
    <url-pattern>/webservices/*</url-pattern>
</servlet-mapping>

Another solution is to use this code inside your resource to provide OPTIONS for the browser. Put this in the class where you have @GET.

  @OPTIONS
  @Path("/getsample")
  public Response getOptions() {
    return Response.ok()
      .header("Access-Control-Allow-Origin", "*")
      .header("Access-Control-Allow-Methods", "POST, GET, PUT, UPDATE, OPTIONS")
      .header("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With").build();
  }

If non of this work, try to exchange the "*" provided for "Access-Control-Allow-Origin" header with your custom domain where you access this resource. I.g. If you call this from http://localhost::8080 use something like this ("Access-Control-Allow-Origin", "http://localhost:8080") instead of asterisk "*".

Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

this change working on IE, not working on chrome still same issue
after long research, your solution seems to be better and good, thanks for your reply, keep me updated if you find any permanent solution.
I go through the same CORS problem last time. I was surprised by many solutions on the internet. Everyone has something which works for him. For me the Jersey filter works pretty good. Permanent solution would be one which works for you. Are you be able to run the rest request?
GET works fine but when I try POST then I get 'Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'localhost' is therefore not allowed access.' error. How do I solve that?
Thanks, this solved my issue with an Ionic React app. For me on my server side it was following: javax.servlet.http.HttpServletResponse response.addHeader(...)
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.