Skip to content

Add preflight support to HttpAuthenticationFilter #953

New issue
New issue
Closed
#2372
Closed
Add preflight support to HttpAuthenticationFilter#953
#2372
Labels
coreCore Moduleshelp-wantedHelp Wantedshiro-2.0.0validDisable automation for valid issues
Milestone
2.1.0
@jepsar

Description

@jepsar
jepsar
opened on Jun 23, 2023

It would be nice if there was native (optional) support to always grant access to preflight requests.

https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request

In our JAX RS project, we added this to our filter:

 @Override protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { if (isPreflightRequest(request)) { return true; } return super.isAccessAllowed(request, response, mappedValue); } protected boolean isPreflightRequest(ServletRequest request) { HttpServletRequest httpRequest = WebUtils.toHttp(request); return httpRequest.getHeader("Origin") != null && httpRequest.getMethod().equals("OPTIONS"); }

Metadata

Metadata

Assignees

No one assigned

    Labels

    coreCore Moduleshelp-wantedHelp Wantedshiro-2.0.0validDisable automation for valid issues

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions