I have 2 applications on 2 different servers, say
b.com. Both have Spring Security authentication.
I login to
a.com and make a HTTP get call to
b.com/getName service. I have set Allow access headers at
b.com through a CORS filter. But when I do so, it redirects me to login page since spring security is there at
b.com as well.
Since I am using Spring Security 3.2, I can’t use
@crossOrigin annotation. I don’t want to set authentication headers since it’s insecure.
How can I bypass Spring Security authentication at
b.com and directly make the service call?