Possible solution to preflight problem with Options request in a Rest Service under Chrome.

There is a common error under rest service development with AngularJS framework after that understood that internally the framework do OPTIONS requests to know who is invoking an error like follows can occur:

Response for preflight has invalid HTTP status code 400

The possible solution to this problem is to check CORSFilter and when the request contains a OPTIONS just respond an OK status:

...

    if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
        response.setStatus(HttpServletResponse.SC_OK);
    } else {
        chain.doFilter(req, res);
    }

Important links:

• http://www.concretepage.com/spring-4/spring-4-rest-cors-integration-using-crossorigin-annotation-xml-filter-example
• http://corpus.hubwiz.com/2/angularjs/23786722.html
• http://websystique.com/spring-security/secure-spring-rest-api-using-oauth2/
• http://zhentao-li.blogspot.mx/2012/06/enable-cors-support-in-rest-services.html

How to resolve CORS header after using Spring Security and Rest Service?

After testing an architecture of a security rest service built-in Spring Framework and a web application on AngularJS which over a POST gets credentials and regard information for the front end part, using firebug I discover and error after a submit on each event:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:8081/keepnotes-soa-app/rest/user. (Reason: CORS header 'Access-Control-Allow-Origin' missing).

Reviewing on Internet I discovered a missing configuration over my Front-end application which is the result of having a separated application, so on I have to create the following lines:
Having created the filter class we must to make the configuration over web.xml with the following lines:

Next to is review request and response where you were to find headers located on each message.

Best Regards,