Login/Register
CORS - Tomcat - Geoserver
Asked Answered
Solved tomcatcross-domaintomcat7corsgeoserver
M

4

30

All, I am trying to get CORS enabled on Tomcat 7.0.52 for Geoserver.

I modified web.xml in conf in tomcat, as specified in http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter

But, that did not help set cross-origins in the header. I even tried it for geoserver web-inf/web.xml which did not help.

Any suggestions are appreciated.

Thanks!

Mathildamathilde answered 12/3, 2014 at 20:34 Comment(6)
Given that there is no such Tomcat version as 7.0.57, which version are you actually using? Exactly what did you add to exactly which web.xml file(s).Audreaaudres
Sorry for the typo - its 7.0.52Mathildamathilde
For testing purposes, it is the xml piece under "Here's an example of a more advanced configuration, that overrides defaults:" in the above link. I understand that would be wide open, but after testing, it can be modified to a more appropriate one.Mathildamathilde
And you added that text to which XML file? You need to answer all of the questions people ask.Audreaaudres
Tomcat\conf -> web.xml for all web applications. I even tried GeoServer WEB-LIB\web.xml to get it working!Mathildamathilde
WEB-LIB\xml? Really? I'd suggest enabling debug logging but a quick scan of the code suggests that won't tell you anything useful. Are upi able to do remote debugging of the Tomcat instance?Audreaaudres
B
49

I need to do the same to avoid the usage of a proxy in OpenLayers.

Since I'm running Ubuntu 12.04, I've installed Tomcat 7.0.55, instead of the default 7.0.26 (installed from packages).

To add CORS headers, I simply added to $CATALINA_HOME/conf/web.xml the following lines:

<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
  <init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>*</param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

and then restart tomcat.

For example, when I try to fetch from Geoserver the URL http://development.localhost.lan/geoserver/wfs from my application running on http://localhost:3000 I get the following headers:

Requested headers:

POST /geoserver/wfs HTTP/1.1
Host: development.localhost.lan
Origin: http://localhost:3000
X-Requested-With: XMLHttpRequest
(...)

Response headers:

Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:3000
Connection:Keep-Alive
Content-Disposition:inline; filename=geoserver-GetFeature.text
Content-Encoding:gzip
Content-Length:469
Content-Type:text/xml; subtype=gml/3.1.1
Date:Tue, 29 Jul 2014 21:31:08 GMT
Keep-Alive:timeout=5, max=100
Server:Apache-Coyote/1.1

This worked with Chrome (Ver. 35.0.1916.153) and Firefox (Ver. 31.0).

Bryan answered 29/7, 2014 at 21:51 Comment(3)
For me the file was /var/lib/tomcat7/webapps/geoserver/WEB-INF/web.xmlPainless
will it fix authentication issues?Unique
For me the file was /var/lib/tomcat8/webapps/geoserver/WEB-INF/web.xml. It resolved the issue at last Thanks @Bryan and Terry Brown.Inez
P
6

I needed to add the following to the CorsFilter to make sure that the preflight 'OPTIONS' request was allowed

<init-param>
  <param-name>cors.allowed.methods</param-name>
  <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
Pansir answered 25/3, 2015 at 15:44 Comment(1)
This is useful addendum to the answer given by @Bryan if other methods are required.Weaponless
S
2

In my case I was using kartoza/geoserver docker image and I had to download the GeoServer war file from the GeoServer website (for the version used in the docker image) and added the geoserver.war file to the directory /usr/local/tomcat/webapps/ and restarted tomcat.

Only with this configuration above, I managed to enable CORS. Only adding the corsFilter code to web.xml and restarting tomcat, it was resulting in a 404 error when accessing GeoServer. So after adding the war file, the corsFilter code is recognised and it works well.

I hope this helps someone with a similar error.

Sruti answered 9/4, 2020 at 0:3 Comment(0)
S
-1

Hey Guys After adding this script in web.xml 

<filter>
    <filter-name>cross-origin</filter-name>
    <filter-class>org.eclipse.jetty.servlets.CrossOriginFilter</filter-class>
    <init-param>
        <param-name>allowedOrigins</param-name>
        <param-value>*</param-value>
    </init-param>
    <init-param>
        <param-name>allowedMethods</param-name>
        <param-value>*</param-value>
    </init-param>
    <init-param>
        <param-name>allowedHeaders</param-name>
        <param-value>*</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>cross-origin</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

please change the url in your ajax like this 

var boxsource = new ol.source.Vector({
        //url: '{{ resource.ows_url|safe }}',
        url: 'http://localhost:8080/geoserver/wfs?srsName=EPSG%3A4326&typename=cite:box&outputFormat=json&version=1.1.0&service=WFS&request=GetFeature',
        format: new ol.format.GeoJSON(),

        params: {'LAYERS': '{{ resource.typename }}'},
        //STYLES:{'LAYERS': '{{ resource.typename }}'}

    });

then it will be okey. I promise

Shir answered 13/7, 2017 at 4:24 Comment(1)
don't add the jetty servlet to a tomcat installDogs

© 2022 - 2024 — McMap. All rights reserved.