#Springboot enable CORS don't work

20 messages · Page 1 of 1 (latest)

glossy fern
#

Hello together, i hope someone can help me here.

Informations:
I have a spring boot application depolyed on google cloud and there for i need to enable CORS, that my local frontend can send rest calls to this springboot application (backend). I also use Spring Security

SecurityConfiguration class:
https://hastebin.skyra.pw/qocuyosubu.java

Those Methode are in the SecurityConfiguration

 @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        HttpSecurity httpSecurity = http
                .csrf(AbstractHttpConfigurer::disable)
                .requiresChannel(channel -> channel.anyRequest().requiresSecure())
                .authorizeHttpRequests(request -> request.requestMatchers("/api/v1/auth/**")
                        .permitAll().anyRequest().authenticated())
                .sessionManagement(manager -> manager.sessionCreationPolicy(STATELESS))
                .authenticationProvider(authenticationProvider())
                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);

        return httpSecurity.build();
    }

    @Bean
    public CorsConfigurationSource configurationSource() {
        log.info("Load CorsConfigurationSource");
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        CorsConfiguration corsConfiguration = new CorsConfiguration();

        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.setAllowedOrigins(Collections.singletonList("*"));
        corsConfiguration.setAllowedMethods(Collections.singletonList("*"));
        corsConfiguration.setAllowedHeaders(Collections.singletonList("*"));

        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);

        return urlBasedCorsConfigurationSource;
    }

Here is an example of RestController (LoginController):
https://hastebin.skyra.pw/otopoxukem.kotlinHere

steep oliveBOT
#

This post has been reserved for your question.

Hey @glossy fern! Please use /close or the Close Post button above when your problem is solved. Please remember to follow the help guidelines. This post will be automatically closed after 300 minutes of inactivity.

TIP: Narrow down your issue to simple and precise questions to maximize the chance that others will reply in here.

twin musk
#

what is the browser telling you?

glossy fern
#

Unfortunately I can’t tell, how the response looks like :/

#

But I assume that the CorsCondigurstionSource applies

twin musk
#

try doing corsConfiguration.setAllowedHeaders(List.of("Access-Control-Allow-Origin"));
instead of what you have

glossy fern
#

I get the same result :/

twin musk
#

Try changing this corsConfiguration.setAllowedOrigins(Collections.singletonList("*"));
to corsConfiguration.setAllowedOriginPatterns(Collections.singletonList("*"));

glossy fern
#

Unfortunately the same result

twin musk
#

corsConfiguration.setAllowedOriginPatterns(Collections.singletonList("http://localhost:4200*"));?

glossy fern
#

Not https?

#

Oh it looks like I have some problem with Google Cloud and not Cors

Bild_29.10.23_um_01.25.jpg
twin musk
#

https yes. coppied from another place my bad

#

is that with the https config or with the http?

glossy fern
#

I only have https

#

But it looks like I have Problem google cloud run, for some reason i can’t reach my application 🤔

glossy fern
#

Anyways Thank you very much

steep oliveBOT
# glossy fern Anyways Thank you very much

If you are finished with your post, please close it.
If you are not, please ignore this message.
Note that you will not be able to send further messages here after this post have been closed but you will be able to create new posts.