CORS related configuration error When connecting react app to Java backend on Tomcat

All, I have a react, nodejs, frontend , https://app.mysite.com. I pass info to my Java app on Tomcat at https://api.mysite.com. I have added the following into my app on TC web.xml.

 <filter>
		<filter-name>CorsFilter</filter-name>
		<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
		<init-param>
			<param-name>cors.allowed.origins</param-name>
			<param-value>https://app.mysite.com</param-value>
		</init-param>
</filter>
	<filter-mapping>
		<filter-name>CorsFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

However I am still getting the following error: Access to fetch at 'https://api.mysite.com' from origin 'https://app.mysite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

To add additional details, I have used an ALB to get the UI up and running. Do I need to add the ALB to the parameter list? Do I need to add the IP's? I am not sure what the TC is expecting as it appears I have what I need listed. Is there a log somewhere on AWS where I can see where the fetch is actually originating?

Thanks for any help in this.

Here is additional info if it will help: Request URL: https://api.mysite.com Request Method: POST Status Code: 403 Forbidden Referrer Policy: strict-origin-when-cross-origin Connection: keep-alive Content-Type: text/plain Date: Sat, 07 Oct 2023 20:08:20 GMT Keep-Alive: timeout=60 Transfer-Encoding: chunked Accept: / Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Connection: keep-alive Content-Length: 0 Dnt: 1 Host: api.mysite.com Origin: https://app.mysite.com Referer: https://app.mysite.com/ Sec-Ch-Ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Sec-Ch-Ua-Mobile: ?0 Sec-Ch-Ua-Platform: "Windows" Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47

Topics

Compute Security, Identity, & Compliance Management & Governance

Relevant content

unable to deploy a basic react app on elastic beanstalk
Accepted Answer
Sri
asked a year ago
Connecting back end Tomcat API to front end
cxc
asked 8 months ago
413 error on AWS Amplify hosting for React App
Chuboyo
asked 3 months ago
Deploy an app having Frontend in Angular and Backend in Java on Fargate ECS.
rePost-User-3199525
asked 2 years ago
How do I resolve "OutOfMemoryError" Hive Java heap space exceptions on Amazon EMR that occur when Hive outputs the query results?
AWS OFFICIALUpdated 2 years ago
How do I troubleshoot "ClassNotFoundException" and "NoSuchMethodError" errors from a Java Lambda function?
AWS OFFICIALUpdated 2 years ago
How do I troubleshoot the UnknownHostException error in my Java application?
AWS OFFICIALUpdated 2 years ago
How do I resolve the error ‘The security token included in the request is expired’ when running Java applications on Amazon EC2?
AWS OFFICIALUpdated 2 years ago
Deploying a web app to an AWS IoT Greengrass Core device - Part 2
EXPERT
MassimilianoAWS
published a year ago
Deploying a web app to an AWS IoT Greengrass Core device - Part 1
EXPERT
MassimilianoAWS
published a year ago