diff --git a/src/main/java/com/theo/api_gateway/CorsConfig.java b/src/main/java/com/theo/api_gateway/CorsConfig.java
index 7ad439c..225a320 100644
--- a/src/main/java/com/theo/api_gateway/CorsConfig.java
+++ b/src/main/java/com/theo/api_gateway/CorsConfig.java
@@ -1,30 +1,47 @@
-///*******************************************************************************
-// * Copyright (c) 2021 CERTH
-// *
-// * This program and the accompanying materials
-// * are made available under the terms of the Eclipse Public License 2.0
-// * which accompanies this distribution, and is available at
-// * https://www.eclipse.org/legal/epl-2.0/
-// *
-// * SPDX-License-Identifier: EPL-2.0
-// *
-// * Contributors:
-// * theioakiti - initial API and implementation
-// *******************************************************************************/
-//package com.theo.api_gateway;
-//
-//import org.springframework.context.annotation.Configuration;
-//import org.springframework.web.reactive.config.CorsRegistry;
-//import org.springframework.web.reactive.config.WebFluxConfigurer;
-//
-//@Configuration
-//public class CorsConfig implements WebFluxConfigurer {
-//
-// @Override
-// public void addCorsMappings(final CorsRegistry registry) {
-// registry.addMapping("/**")
-// .allowedOrigins("*")
-// .allowedMethods("*")
-// .allowedHeaders("*");
-// }
-//}
+/*******************************************************************************
+ * Copyright (c) 2021 CERTH
+ *
+ * This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License 2.0
+ * which accompanies this distribution, and is available at
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ * theioakiti - initial API and implementation
+ *******************************************************************************/
+package com.theo.api_gateway;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.reactive.CorsConfigurationSource;
+import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
+
+import java.util.List;
+
+@Configuration
+public class CorsConfig {
+
+ /**
+ * Will ensure that a {@link org.springframework.web.cors.reactive.CorsWebFilter} is added before
+ * the Spring Security filters, so that CORS preflight requests are accepted without authentication.
+ *
+ * See Spring Security
+ * documentation.
+ *
+ * @return {@link CorsConfigurationSource}
+ */
+ @Bean
+ public CorsConfigurationSource corsConfigurationSource() {
+ final CorsConfiguration configuration = new CorsConfiguration();
+ // TODO: use "setAllowedOriginPatterns"
+ configuration.setAllowedOrigins(List.of("*"));
+ configuration.setAllowedMethods(List.of("*"));
+ configuration.setAllowedHeaders(List.of("*"));
+ final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ source.registerCorsConfiguration("/**", configuration);
+ return source;
+ }
+}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index bd34be5..f1f8e4e 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -12,12 +12,6 @@ spring:
issuer-uri: https://keycloak-smartclide-che.che.smartclide.eu/auth/realms/che
cloud:
gateway:
- globalcors:
- corsConfigurations:
- '[/**]':
- allowedOrigins: "*"
- allowedHeaders: "*"
- allowedMethods: "*"
routes:
# MoM Rest API
- id: mom-rest
@@ -223,4 +217,3 @@ spring:
- Path=/petstore/**
filters:
- RewritePath=/petstore/?(?.*), /v2/$\{segment}
-