Adds CORS configuration to the REST API

The REST API now supports cross-origin requests thanks to a new CORS
configuration.

pom.xml

@@ -5,7 +5,7 @@
 	<groupId>es.uvigo.esei.daa</groupId>
 	<artifactId>example</artifactId>
 	<packaging>war</packaging>
-	<version>0.1.12</version>
+	<version>0.1.13</version>
 	<name>DAA Example</name>
 
 	<licenses>

src/main/webapp/WEB-INF/web.xml

@@ -10,6 +10,27 @@
     <welcome-file>index.html</welcome-file>
   </welcome-file-list>
 
+  <filter>
+    <filter-name>CorsFilter</filter-name>
+    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
+    <init-param>
+      <param-name>cors.allowed.origins</param-name>
+      <param-value>*</param-value>
+    </init-param>
+    <init-param>
+      <param-name>cors.allowed.headers</param-name>
+      <param-value>Authorization</param-value>
+    </init-param>
+    <init-param>
+      <param-name>cors.allowed.methods</param-name>
+      <param-value>GET, POST, DELETE, PUT</param-value>
+    </init-param>
+  </filter>
+  <filter-mapping>
+    <filter-name>CorsFilter</filter-name>
+    <url-pattern>/rest/*</url-pattern>
+  </filter-mapping>
+
   <security-constraint>
     <web-resource-collection>
       <web-resource-name>Protected Area</web-resource-name>
@@ -18,7 +39,6 @@
       <http-method>DELETE</http-method>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
-			<http-method>OPTIONS</http-method>
     </web-resource-collection>
     <auth-constraint>
       <role-name>ADMIN</role-name>
@@ -30,11 +50,10 @@
     <web-resource-collection>
       <web-resource-name>Admin Area</web-resource-name>
       <url-pattern>/rest/people/*</url-pattern>
+      <http-method>GET</http-method>
       <http-method>PUT</http-method>
       <http-method>DELETE</http-method>
-			<http-method>GET</http-method>
       <http-method>POST</http-method>
-			<http-method>OPTIONS</http-method>
     </web-resource-collection>
     <auth-constraint>
       <role-name>ADMIN</role-name>