I'm working on multiple angular clients consuming the same Restful apis, from different domain names, i made the configuration at server side, and it worked when there was one client, but after adapting the CorsFilter Component, my angular clients throw this message.
The 'Access-Control-Allow-Origin' header contains multiple values
public class CorsFilter implements Filter {
public CorsFilter() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse httpResponse = (HttpServletResponse) res;
httpResponse.setHeader("Access-Control-Allow-Origin", "http://localhost:5200, http://localhost:4200");
httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
httpResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
httpResponse.setHeader("Access-Control-Max-Age", "4800");
chain.doFilter(req, res);
}
@Override
public void destroy() {
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
Ajax call from angular 2 Service
login(form) {
var objectToSend = "j_username="+form.j_username+"&j_password="+form.j_password;
let headers = new Headers(
{
'Content-Type': 'application/x-www-form-urlencoded' ,
}
);
let options = new RequestOptions({ headers: headers ,withCredentials : true});
return this.http.post('http://localhost:8080/**/authenticate', objectToSend,options)
.map((res) => res)
.catch((error:any) => Observable.throw(error.text() || 'Server error' ));
}