Camel JAX-RS and Cross Domain Request

Question

I'd like to be able to do HTTP requests on my localhost Camel instance (just for development purpose, I know this is bad practice). For now, I'm stuck with :

 Origin http://localhost:8000 is not allowed by Access-Control-Allow-Origin.

I've search how can I tell Camel to allow such requests, but didn't find an answer. I'm using camel-cxf and the rsServer to create my endpoint.

I've got an endpoint looking like that :

public class LoginEndpoint {
    @GET
    @Path(LOGIN)
    @Produces(MediaType.APPLICATION_JSON)
    public Customer login(@QueryParam("email") String email, @QueryParam("password") String password) {
        return null;
    }
}

Than a standard route is doing the job.

How can I tell Camel (or JAX-RS, or the CXFRS component, I don't know...) to allow Cross Domain Requests ?

Answer 1

You need to add an annotation on your endpoint

@CrossOriginResourceSharing(allowAllOrigins = true, allowAnyHeaders = true)
public class LoginEndpoint {
    @GET
    @Path(LOGIN)
    @Produces(MediaType.APPLICATION_JSON)
    public Customer login(@QueryParam("email") String email, @QueryParam("password") String password) {
        return null;
    }
}

I don't think you need a new dependency, as the annotation is in camel-cxf. But you need to tell Camel to look for this annotation, using the providers tag.

<cxf:rsServer id="login" address="your adress"
        serviceClass="LoginEndpoint">
    <cxf:providers>
        <bean class="org.apache.cxf.jaxrs.cors.CrossOriginResourceSharingFilter" />
    </cxf:providers>
</cxf:rsServer>

Then you should be fine (but remember that is just for local testing).

Answer 2

If you are using CXF 3.1.9, it is found in cxf-rt-rs-security-cors jar.

<jaxrs:server id="apiRS" address="/api">
    <jaxrs:serviceBeans>
            <bean class="com.ak.util.APIRSController"></bean>
    </jaxrs:serviceBeans>
    <jaxrs:providers>
        <bean class="org.apache.cxf.rs.security.cors.CrossOriginResourceSharingFilter" />
    </jaxrs:providers>
</jaxrs:server>

And REST

@CrossOriginResourceSharing(allowAllOrigins = true)
public class APIController {

    @GET
    @Path("/status")
    public String status() {
        return "{\"Result\":\"OK\"}";
    }
}

For more security see allowOrigins and other parameters at above annotation.