CORS-Filter for all webapps?

[Geod Master <ge...@gmail.com>]

Hi there,

I am having issues with Cross-Origin Resource Sharing (CORS).
I use Tomcat 7.0.57 with deegree-webservices 3.3.13 on both a Windows
Server 2013 and Windows Pro SP1 on my localhost.
I have a html with javascript-code and want to send requests with AJAX to a
WFS running on the Tomcat Server.
I know Tomcat (7.0.57) is able to Filter CORS-Requests and I implemented a
Filter in Tomcats web.xml (in Tomcat 7.0/conf/) to allow requests from all
Origins.
In order to test it I put a test-file in some random Tomcat directories on
the server and try to access it from localhost via an AJAX-request in my
javascript-code. It Works.
But as soon as I make a WFS-request to my deegree-WFS (or even if I just
put the test-file in the deegree directory) I can't access it any more.
Error: No 'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost:8080' is therefore not allowed access.
The response had HTTP status code 500.

What I thought is if I configure the web.xml in Tomcat/conf it should be
valid for all webapps and also deegree. Am I wrong? Also if I put the
CORS-Filter in Tomcat/webapps/deegree-webservices-3.3.13/web-inf/web.xml it
doesn't work.

Somebody an idea what I am doing wrong?

Cheers
Eike