Spring boot CORS config with ConfigurationProperties

Question

I have a global CORS configuration which is working well:

@Component
public class CorsConfiguration implements WebMvcConfigurer {
    String allowedOrigins = "*";

    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                .allowedOrigins(allowedOrigins)
    }

    public String getAllowedOrigins() {
        return allowedOrigins;
    }

    public void setAllowedOrigins(String allowedOrigins) {
        this.allowedOrigins = allowedOrigins;
    }
}

Now I want to make the allowsOriginsfield dynamic for each application through application.yaml. I tried to add @ConfigurationPropierties(prefix="cors") to the CorsConfiguration Class. And added cors.allowedOrigins=test to application.yaml. But this does nothing. I have read many posts and tutorials, but I don't get why this isn't working. It should be as easy as that. What am I missing?

EDIT I also tried @Value annotation like this

@Value("${cors.allowedOrigins:*}")
String allowedOrigins;

Application.yaml

cors:
  allowedOrigins=http://localhost:4200

Result is that I only get the default value *, nothing is read from application.yaml.

Thanks

Answer 1

Try using @Value annotation to get your property value from application.yml like this :

application.yml

origin:
  allowedOrigins: [HOST_HERE]

And then use it in your CorsConfiguration class :

@Component
public class CorsConfiguration implements WebMvcConfigurer {

  @Value("${origin.allowedOrigins:DEFAULT_VALUE_HERE}")
  private String allowedOrigins;

  @Override
  public void addCorsMappings(CorsRegistry registry) {
      registry.addMapping("/**")
            .allowedOrigins(allowedOrigins)
  }
  // code here
}

Answer 2

I think you should add the following annotation on CorsConfiguration:

@EnableWebMvc
@Configuration
@ComponentScan(basePackages = { "<packge name>" })

the last one is not essential but sometimes you need it

Answer 3

Manual way

I recommended for you making Configuration Class, like this

@lombok.Data
@ConfigurationProperties(prefix = "cors")
public class PathCorsConfiguration {
    @Nullable
    private String[] allowedOrigins;
}

application.yml

cors:
  allowedOrigins:
    - "https://www.someurl_1.com"
    - "https://www.someurl_2.com"

and for highlighting new properties in config file you may add annotation processor:

<plugins>
  <plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-compiler-plugin</artifactId>
    <configuration>
    <annotationProcessorPaths>
      <annotationProcessorPath>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-configuration-processor</artifactId>
        <version>${spring-boot.version}</version>
        </annotationProcessorPath>
      </annotationProcessorPaths>
    </configuration>
  </plugin>
</plugins>

---

Automatically way

Few years ago I asked to self the same question like you and recently I released self library for make it easily:
add dependency

<dependency>
  <groupId>io.github.iruzhnikov</groupId>
  <artifactId>spring-webmvc-cors-properties-autoconfigure</artifactId>
  <version>VERSION</version>
</dependency>

and add configuration

spring:
  web:
    cors:
      enabled: true
      mappings:
        baseOrigins:
          paths: /**
          allowed-origins: "http://localhost:4200"
          allowed-origin-patterns: .*

Answer 4

Incompatible versions of SpringORM and Hibernate, Upgrade your hibernate or downgrade your Spring version.