Do to the specific requirements of my application. The server needs to be seporate completly seporate from the client. The client should be able to connect to the communication server via any method it can.
Since the first implementation of this application is going to be REST driven, I need to be able to accept rest from anywhere.
In addition, I want a completly xml-less config, so I use Guice with an imbedded Jetty server. Since I do not have a web.xml file, I could not figure out how to set the headers to allow CORS.
After alot of trial and error, and reading the guice documentation, I found how to add the CORS headers to the response leaving the server.
The Guice ServletModule class allows you to add filters to your servlet context. This allows me to have all requests pass through a given servlet.
Since I am trying to build a rest application that responds to CORS requests, i needed a filter that added the cors headers to the response of any request.
So to enable cors in my embedded server using guice I built a filter that looks like this:
@Singleton
public class CorsFilter implements Filter{
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
if(response instanceof HttpServletResponse){
HttpServletResponse alteredResponse = ((HttpServletResponse)response);
addCorsHeader(alteredResponse);
}
filterChain.doFilter(request, response);
}
private void addCorsHeader(HttpServletResponse response){
//TODO: externalize the Allow-Origin
response.addHeader("Access-Control-Allow-Origin", "*");
response.addHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, HEAD");
response.addHeader("Access-Control-Allow-Headers", "X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept");
response.addHeader("Access-Control-Max-Age", "1728000");
}
@Override
public void destroy() {}
@Override
public void init(FilterConfig filterConfig)throws ServletException{}
}
Guice provides an abstract class that allows you to configure the Guice Servlet.
The configuration module looks like this:
public class RestModule extends ServletModule{
@Override
protected void configureServlets() {
bind(MyServiceClass.class);
// hook Jersey into Guice Servlet
bind(GuiceContainer.class);
// hook Jackson into Jersey as the POJO <-> JSON mapper
bind(JacksonJsonProvider.class).in(Scopes.SINGLETON);
Map<String, String> guiceContainerConfig = new HashMap<String, String>();
serve("/*").with(GuiceContainer.class, guiceContainerConfig);
filter("/*").through(CorsFilter.class);
}
}
Now guice will add cors headers to every response. Allowing my pure HTML 5 application to talk to it, no matter where it is being served.