You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by R��mi Aubel <re...@gmail.com> on 2019/07/29 08:23:26 UTC

CORS headers not set in response on error

Hi,

Our application uses org.apache.cxf.rs.security.cors.CrossOriginResourceSharingFilter to process preflight. We need to configure this filter so that it does not attempt to find the resource method (findResourceMethod=false).
When the request is successfully answered, CORS headers are correctly set in the response.
But if my request is rejected by another CXF filter (for instance because it is not authorized or not authenticated), the CXF Exchange is not instrumented and CORS headers are not set in the response.
What can I do to have CORS headers properly set?

Regards,
Rémi