From d39e12cbeecd061a1ec84bb8c717b318d011766b Mon Sep 17 00:00:00 2001
From: Bhinav Sura
Date: Fri, 30 Sep 2016 15:54:53 -0700
Subject: [PATCH 1/2] Fix for CORS issue where sendError doesn't allow CORS headers to be set.
---
 .../java/com/salesforce/dva/argus/ws/filter/AuthFilter.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/ArgusWebServices/src/main/java/com/salesforce/dva/argus/ws/filter/AuthFilter.java b/ArgusWebServices/src/main/java/com/salesforce/dva/argus/ws/filter/AuthFilter.java
index 004b8af9e..76640c69a 100644
--- a/ArgusWebServices/src/main/java/com/salesforce/dva/argus/ws/filter/AuthFilter.java
+++ b/ArgusWebServices/src/main/java/com/salesforce/dva/argus/ws/filter/AuthFilter.java
@@ -81,7 +81,10 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
 Object remoteUser = session.getAttribute(USER_ATTRIBUTE_NAME);
 if (!"options".equalsIgnoreCase(req.getMethod()) && !_isAuthEndpoint(req) && remoteUser == null) {
- HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
+ HttpServletResponse httpresponse = HttpServletResponse.class.cast(response);
+ httpresponse.setHeader("Access-Control-Allow-Origin", req.getHeader("Origin"));
+ httpresponse.setHeader("Access-Control-Allow-Credentials", "true");
+ httpresponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
 } else if (remoteUser != null) {
 user = PrincipalUserDto.class.cast(session.getAttribute(USER_ATTRIBUTE_NAME)).getUserName();
 }

From 7b87581993dd002b93371e70dc5e4e300e33b5d3 Mon Sep 17 00:00:00 2001
From: Bhinav Sura
Date: Fri, 30 Sep 2016 15:56:50 -0700
Subject: [PATCH 2/2] No longer need to look for rejection status of -1.
---
 ArgusWeb/app/js/services/unauthorizedInterceptor.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ArgusWeb/app/js/services/unauthorizedInterceptor.js b/ArgusWeb/app/js/services/unauthorizedInterceptor.js
index 19a107071..5787f7a88 100644
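Review bot: In the 401 branch of `doFilter` in AuthFilter.java (patch 1/2), the added `Access-Control-Allow-Origin` header is set to whatever `Origin` value the caller sent and is paired with `Access-Control-Allow-Credentials: true`, so this response becomes readable with credentials from any site; nothing in the hunk checks the value against an allow-list. `req.getHeader("Origin")` is also null for requests that carry no Origin header, and the response now differs per origin without telling caches so. I would emit the two CORS headers only for a vetted, non-null origin and add `Vary: Origin`, as sketched below, where `isAllowedOrigin` is a placeholder for whatever origin policy the service's regular CORS handling applies. The body of `doFilter` starts and ends outside the hunk, so whether such a policy already exists elsewhere is not visible here.

```java
HttpServletResponse httpresponse = HttpServletResponse.class.cast(response);
String origin = req.getHeader("Origin");
// isAllowedOrigin: placeholder for the service's own origin allow-list check
if (origin != null && isAllowedOrigin(origin)) {
    httpresponse.setHeader("Access-Control-Allow-Origin", origin);
    httpresponse.setHeader("Access-Control-Allow-Credentials", "true");
    httpresponse.addHeader("Vary", "Origin");
}
// … unchanged: sendError(SC_UNAUTHORIZED) and the else-if branch …
```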
--- a/ArgusWeb/app/js/services/unauthorizedInterceptor.js
+++ b/ArgusWeb/app/js/services/unauthorizedInterceptor.js
@@ -2,7 +2,7 @@ angular.module('argus.services.interceptor', [])
 .factory("UnauthorizedInterceptor", ['$q', '$location', 'Storage', function ($q, $location, Storage) {
 return {
 responseError: function (rejection) {
- if (rejection.status === 401 || rejection.status <= 0) {
+ if (rejection.status === 401 || rejection.status === 0) {
 var url = rejection.config.url;
 var suffix = '/login';
 if (url.indexOf(suffix, url.length - suffix.length) === -1) {
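Review bot: The remaining `rejection.status === 0` arm in `responseError` still treats a rejection that carries no HTTP status as an authentication failure, and nothing on the line says which condition it is meant to catch. With patch 1/2 making the 401 response readable cross-origin, this arm presumably now fires only for requests that never produced a response, so it is worth confirming it is still wanted and recording the intent in a comment such as `// status 0: no HTTP response reached the client; handled like a 401`. The body of the `if` continues outside the hunk.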