[ https://issues.apache.org/jira/browse/ARTEMIS-4027?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
daves updated ARTEMIS-4027: --------------------------- Attachment: etc.zip > Cannot access management API due to CORS problems (403) > ------------------------------------------------------- > > Key: ARTEMIS-4027 > URL: https://issues.apache.org/jira/browse/ARTEMIS-4027 > Project: ActiveMQ Artemis > Issue Type: Bug > Components: API > Affects Versions: 2.25.0 > Reporter: daves > Priority: Major > Attachments: etc.zip, options.JPG > > > I try to access the management API from a client app running in chrome. > This does not work because the preflight check fails. > OPTIONS request: > > {code:java} > fetch("http://localhost:8161/console/jolokia/?maxDepth=7&maxCollectionSize=50000&ignoreErrors=false&canonicalNaming=false", > { > "headers": { > "accept": "*/*", > "accept-language": "en-US,en;q=0.9", > "sec-fetch-dest": "empty", > "sec-fetch-mode": "cors", > "sec-fetch-site": "cross-site" > }, > "referrerPolicy": "strict-origin-when-cross-origin", > "body": null, > "method": "OPTIONS", > "mode": "cors", > "credentials": "omit" > }); > > {code} > > The request fails with a 403 not authenticated... which is strange since > preflight checks must not be authenticated. > !options.JPG! > > I tried to configure CORS in the jolokia-access.xml file like so: > > > {code:java} > <restrict> > <cors> > <!-- Allow cross origin access from localhost ... --> > <allow-origin>*://*</allow-origin> > <!-- Options from this point on are auto-generated by Create.java from > the Artemis CLI --> > <!-- Check for the proper origin on the server side, too --> > <strict-checking /> > </cors> </restrict>{code} > > > I also tried to specify the URL and port of my application explicitly. But > this did not work either. > > -- This message was sent by Atlassian Jira (v8.20.10#820010)