1
00:00:00,240 --> 00:00:08,850
We have seen what is a cost issue and white brother is throwing and arat when two different prison applications

2
00:00:08,850 --> 00:00:10,480
try to communicate with each other.

3
00:00:10,770 --> 00:00:17,520
But here we have a valid reason, like my other application and back in application, both developed

4
00:00:17,520 --> 00:00:23,030
by same person, same entity, and they how to communicate with each other.

5
00:00:23,190 --> 00:00:29,940
And we should confirm that to browser so that court policy error should not be thrown by it.

6
00:00:30,180 --> 00:00:36,810
For that, let's try to make some changes inside our backend application to resolve the cost issue firstly

7
00:00:37,080 --> 00:00:45,180
and stop the server to our security config where we have made all security related configurations here.

8
00:00:45,630 --> 00:00:53,160
Inside this strategy, you can go and look and search for us is a method of choice.

9
00:00:53,550 --> 00:01:01,480
We have to call and inside that matter, all configured source, it means I want to configure my course

10
00:01:01,500 --> 00:01:11,490
detail on the backend application inside that you have to pass the configuration, of course, and import

11
00:01:11,730 --> 00:01:14,040
all the needed classes.

12
00:01:14,430 --> 00:01:20,160
And we should also have an ATM because this is the one configuration on top of that.

13
00:01:20,440 --> 00:01:24,850
We should also want our spring security to consider these configurations as well.

14
00:01:24,870 --> 00:01:28,130
That's why we need and better in between them.

15
00:01:28,350 --> 00:01:36,610
So clearly now you can see here I just called the card method and I aim to call Configure Source where

16
00:01:36,630 --> 00:01:44,220
I'm passing all the configurations related to CofS class by ordering a method called get cast configuration.

17
00:01:44,520 --> 00:01:46,080
It is obviously fine.

18
00:01:46,080 --> 00:01:51,960
Also, if you want to create this entire configuration as a separate bin and your spring security smart

19
00:01:51,960 --> 00:01:55,110
enough to identify card configurations.

20
00:01:55,320 --> 00:02:06,090
So you can see I'm just trying to unload the origins from this orison only, which means any communication

21
00:02:06,540 --> 00:02:14,370
to this back and server will be acceptor if the communication is coming from this domain or port, no

22
00:02:14,580 --> 00:02:15,140
hostname.

23
00:02:15,330 --> 00:02:20,610
If you have multiple, you can also pass the multiple values, haloed methods, history type methods.

24
00:02:20,610 --> 00:02:23,910
I'm saying all type of treatment that should be allowed.

25
00:02:23,910 --> 00:02:29,760
But if we have a specific requirement like only get and has to be allowed, you can define that astron

26
00:02:29,940 --> 00:02:36,870
a credentials through which I'm setting, which indicates that credentialled also should be accepted

27
00:02:36,870 --> 00:02:41,700
and this has to be used in case of secure communication.

28
00:02:41,700 --> 00:02:42,980
Also headers.

29
00:02:42,990 --> 00:02:45,390
I'm saying all kind of hurdles has to be alert.

30
00:02:45,570 --> 00:02:53,400
And Maxi's I'm just setting 3600 socan, which means my browser will cache these configuration details

31
00:02:53,400 --> 00:02:55,230
for 3600 seconds.

32
00:02:55,470 --> 00:03:01,760
After that, it will try to make a fresh request to see whether the car's configurations are valid or

33
00:03:01,770 --> 00:03:08,520
they changed or not will remain as configuration and enable.

34
00:03:08,550 --> 00:03:15,660
Are backend application also to pass this information to the browser whenever the pre-flight request

35
00:03:15,660 --> 00:03:23,160
happens and it will pass all these values to the browser, which indicates that this backend application

36
00:03:23,160 --> 00:03:27,290
will accept the communication only from this orison.

37
00:03:27,630 --> 00:03:29,990
Now we are going to start our server.

38
00:03:30,480 --> 00:03:35,250
It may go to the main class like click on as Java application.

39
00:03:35,700 --> 00:03:37,560
Now I will also go to the browser.

40
00:03:37,980 --> 00:03:43,010
Let's try to close the previous session on the browser and open a fresh browser in the browser.

41
00:03:43,020 --> 00:03:49,950
I'm trying to call localhost for 2.0, which will take me to the login page here.

42
00:03:49,950 --> 00:03:53,460
I'm just entering happy at a great example.

43
00:03:53,460 --> 00:03:54,240
Dot com.

44
00:03:54,690 --> 00:04:00,120
One, two, three, four, five is a password on clicking the signing this time.

45
00:04:00,510 --> 00:04:06,390
Thus signing is successful and we are landed on to the dashboard.

46
00:04:06,540 --> 00:04:11,060
And you can see here, this is the name that is coming from the database.

47
00:04:11,190 --> 00:04:12,090
Hi, Happy.

48
00:04:12,240 --> 00:04:21,279
And you logged in as an admin role, which means that we resolve this issue successfully and established

49
00:04:21,300 --> 00:04:28,410
a secured communication between our UI application and the backend application.

50
00:04:28,440 --> 00:04:36,270
Let's try to click on the balance, which will return the balance and icon transaction details of the

51
00:04:36,270 --> 00:04:36,750
user.

52
00:04:37,200 --> 00:04:40,110
Well, but we are getting no response.

53
00:04:40,230 --> 00:04:45,120
Let's try to go to the console and see what is happening here.

54
00:04:45,420 --> 00:04:53,850
We are getting an error forbidden for zero three, which indicates that I can't make a call to this

55
00:04:54,030 --> 00:04:59,550
service, but we have password value controls and we logged in into the application.

56
00:05:00,580 --> 00:05:07,920
Everything has to work right, but the reason that we are getting four zero three years due to CSR of

57
00:05:08,140 --> 00:05:15,700
but you may ask Log-in functionality work previously the login functionality works because that uses

58
00:05:15,730 --> 00:05:16,300
the get.

59
00:05:16,960 --> 00:05:22,690
So CSR will never throw whenever we try to use it, get better.

60
00:05:22,930 --> 00:05:32,770
But CSR will be thrown when you have a post method because the reason is that will only try to get the

61
00:05:32,780 --> 00:05:38,720
data on display, whereas a post may result into saving or deleting the data.

62
00:05:39,050 --> 00:05:46,940
That's where we will get into CSR issues when two different artisans try to communicate with each other.

63
00:05:47,260 --> 00:05:53,710
Let's try to see what the CSR have in detail in the next video and resolve the issue also.

64
00:05:53,860 --> 00:05:54,420
Thank you.

65
00:05:54,430 --> 00:05:54,910
And by.