views:

24

answers:

0

I have two webapps. One that is serving content to the other over XHR/REST calls. One is in Tomcat 7 (with CSRF protection), and the other is in Spring's tcServer 6 (Tomcat 6.x). The servers and webapps are setup as such:

  1. Tomcat 7 with CSRF on port 8081; webapp communicates with other apps via REST
  2. Tomcat 6 on port 8080; webapp calls other apps via XHR/AJAX

The problem that I am having is that the second webapp requests data from the first via XHR/AJAX with a REST URL, but the Tomcat 7 server that the first webapp runs in is identifying the request as CSRF.

How do I enable REST communication for other sites for my webapp in Tomcat 7?