CORS filter not working with a JAX-RS application deployed in JBoss EAP 6

Solution Verified - Updated -

Issue

I am trying to add a filter which adds CORS Headers to my REST resources. (we are using the jetty-servlets-filter implementation as mentioned in: How to enable Cross-Origin Resource Sharing (CORS) on JBoss EAP 6 )

The filter does work, but only if the browser doesn't use a preflight before the actual call.

When the browser sends a preflight, the filter code gets executed, but the response header doesn't match the implementation. It seems like it gets overwritten somehow.

Header without preflight (GET-Call from Chrome Browser):
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:3000
Access-Control-Expose-Headers:Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Content-Type:application/json
Date:Wed, 16 Mar 2016 16:06:17 GMT
Server:Apache-Coyote/1.1
Transfer-Encoding:chunked

Header from preflight:

Allow:HEAD, POST, GET, OPTIONS
Content-Length:0
Date:Wed, 16 Mar 2016 16:06:03 GMT
Server:Apache-Coyote/1.1

What is wrong with my configuration?

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content