How to Implement CORS Filtering with JAX-RS and Jersey (1.x and 2.x)?-javaTutorial-php.cn

How to Implement CORS Filtering with JAX-RS and Jersey (1.x and 2.x)?

Linda Hamilton

Release： 2024-12-17 04:09:24

Original

806 people have browsed it

How to Implement CORS Filtering with JAX-RS and Jersey (1.x and 2.x)?

Handling CORS with JAX-RS and Jersey

Cross-Origin Resource Sharing (CORS) enables secure data exchange between resources on different domains. To handle CORS in Java applications using JAX-RS with Jersey, a ContainerResponseFilter can be utilized. In this article, we will explore how to implement CORS filtering with both Jersey 2.x and 1.x versions.

Jersey 2.x

For Jersey 2.x, the following implementation of ContainerResponseFilter serves our purpose effectively:

import java.io.IOException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;

@Provider
public class CORSFilter implements ContainerResponseFilter {

    @Override
    public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException {
        response.getHeaders().add("Access-Control-Allow-Origin", "*");
        response.getHeaders().add("Access-Control-Allow-Headers", "CSRF-Token, X-Requested-By, Authorization, Content-Type");
        response.getHeaders().add("Access-Control-Allow-Credentials", "true");
        response.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
    }
}

Copy after login

Jersey 1.x

For Jersey 1.x, the following implementation of ContainerResponseFilter should be used:

import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import com.sun.jersey.spi.container.ContainerResponseFilter;

@Provider
public class CORSFilter implements ContainerResponseFilter {
    @Override
    public ContainerResponse filter(ContainerRequest request, ContainerResponse response) {

        response.getHttpHeaders().add("Access-Control-Allow-Origin", "*");
        response.getHttpHeaders().add("Access-Control-Allow-Headers", "CSRF-Token, X-Requested-By, Authorization, Content-Type");
        response.getHttpHeaders().add("Access-Control-Allow-Credentials", "true");
        response.getHttpHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");

        return response;
    }
}

Copy after login

Configuring the Filters

To register these filters in your application, you can use package scanning or explicit registration. For Jersey 2.x, package scanning should be sufficient, while Jersey 1.x may require explicit registration in web.xml or the ResourceConfig.

Additional Considerations

Please note that this implementation is a simplistic approach and may not address all CORS-related details. For a more robust and customizable solution, it is recommended to explore the CorsFilter provided by RESTeasy, which conforms to the latest CORS specifications.

The above is the detailed content of How to Implement CORS Filtering with JAX-RS and Jersey (1.x and 2.x)?. For more information, please follow other related articles on the PHP Chinese website!