By: Marius Popescu user 29 Nov 2016 at 12:59 p.m. CST

1 Response
Marius Popescu gravatar
Hi guys Just wondering if you can point me to the right file/configuration in order to add the CORS (Cross Origin Resource Sharing) Headers on the Gluu Server Requests Please find below the HTTP Headers I'd like to add to my config: ``` # Always set these headers. Header always set Access-Control-Allow-Credentials "true" Header always set Access-Control-Allow-Origin "https://www.example.com:3000" Header always set Access-Control-Allow-Methods "PATCH, POST, GET, OPTIONS, DELETE, PUT" Header always set Access-Control-Max-Age "1000" Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, X-WSSE, accept, client-security-token" # Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request. RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L] ``` Thanks a bunch Marius

By Aliaksandr Samuseu staff 29 Nov 2016 at 1:18 p.m. CST

Aliaksandr Samuseu gravatar
Hi, Marius. Please check this [github issue](https://github.com/GluuFederation/oxAuth/issues/175). It also mentions one possible way to achieve what you need (using Tomcat's standard CORS filter )