Cross Domain Scripting Enabling
I'm working with Tomcat and I am having some problems with Access-Control-Allow-Origin.
To my understanding, I can modify my web service's web.xml file to open the service up to the world. (Not sure how to do this for sure, but I don't want to anyway.)
How do I add a filter to allow specific websites to interact with it? eg my1.website.com, my2.website.com, and of course it's self.
The area of web.xml I believe should be modified is this...
<servlet> <description>My Description</description> <display-name>My Service's Display Name</display-name> <servlet-name>My Servlet's Name</servlet-name> <servlet-class>My Servlet's Class</servlet-class> </servlet> <servlet-mapping> <servlet-name>My Servlet's Name</servlet-name> <url-pattern>/MyPattern</url-pattern> </servlet-mapping>
Do I use something like CORS and add...
<servlet> . . . <filter> <filter-name>CORS</filter-name> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class> </filter> <filter-mapping> <filter-name>CORS</filter-name> <url-pattern>/*</url-pattern> <url-pattern>my1.website.com</url-pattern> <url-pattern>my2.website.com</url-pattern> </filter-mapping> </servlet>
Also, is it possible to do something like...
Thanks for any help!
I've had to go through the server owners since they have many filters already running and I don't want to interfere with the others.
However, others interested in doing this I finally found some nice documentation mainly...