Solution for Cross Domain/Origin Problems with Tomcat web application and Javascripts

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

I believe there are a lot of people may have encountered problems when using Tomcat servlet as backend  and HTML+Javascripts(Jquery) as frontend. Most of these problems are related to the Cross-Domain security issues, especially for Chrome users. I am writing this blog to summarise my solution for this.

For example, if we host Tomcat web application at server A ( and frontend html at Apache server B (

  1. Configure your existing web application with Cors Filter Filter is the first universal solution for fitting Cross-Origin Resource Sharing (CORS) support to Java web applications. CORS is a recent W3C effort to introduce a standard mechanism for enabling cross-domain requests in web browsers and participating servers.)
  2. Configure httpd.conf file in Server B add Proxypass, Proxypassreserve and ProxyPassReverseCookiePath
    ProxyRequests On
    ProxyVia On
    ProxyPass /proxy  ajp://
    ProxyPassReverse /proxy ajp://
    ProxyPassReverseCookiePath / /proxy

    The reason I use ajp(Apache JServ Protocol) and ProxyPassReverseCookiePath is that I do not want to lose any session using the ProxyPass method (each time the controller was invoked, a new session was created). If your application does not use any session control, you can just use Proxypass to normal http and without using ProxyPassReverseCookiePath

That’s all you need to do! More on the session control part you can read this blog:

If you see any error in apache log such as:(13) Permission Denied, here is the solution


Read More