I’m working with Tomcat and I am having some problems with Access-Control-Allow-Origin.
To my understanding, I can modify my web service’s web.xml file to open the service up to the world. (Not sure how to do this for sure, but I don’t want to anyway.)
How do I add a filter to allow specific websites to interact with it? eg my1.website.com, my2.website.com, and of course it’s self.
The area of web.xml I believe should be modified is this…
<servlet>
<description>My Description</description>
<display-name>My Service's Display Name</display-name>
<servlet-name>My Servlet's Name</servlet-name>
<servlet-class>My Servlet's Class</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>My Servlet's Name</servlet-name>
<url-pattern>/MyPattern</url-pattern>
</servlet-mapping>
Do I use something like CORS and add…
<servlet>
.
.
.
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
<url-pattern>my1.website.com</url-pattern>
<url-pattern>my2.website.com</url-pattern>
</filter-mapping>
</servlet>
Also, is it possible to do something like…
<url-pattern>*.website.com</url-pattern>
Thanks for any help!
I’ve had to go through the server owners since they have many filters already running and I don’t want to interfere with the others.
However, others interested in doing this I finally found some nice documentation mainly…
http://software.dzhuvinov.com/cors-filter-installation.html
http://software.dzhuvinov.com/cors-filter-configuration.html
http://software.dzhuvinov.com/files/cors/web.xml.txt