I've implemented CORS for my Spring MVC application. The following is in my Web.xml:

<filter>
    <filter-name>simpleCORSFilter</filter-name>
    <filter-class>com.tcs.filters.SimpleCORSFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>simpleCORSFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

After consulting CORS with spring-boot and angularjs not working I implemented a SimpleCORSFilter.java class

And now I implemented the following in a Spring-security.xml file:

<http
    use-expressions="true" auto-config="false" create-session="stateless"
    disable-url-rewriting="true" entry-point-ref="entryPoint"
    authentication-manager-ref="authenticationManager">

<bean id="entryPoint" class="com.tcs.web.EntryPoint" />

But when it is executing it's not calling the class below for either the "wrong/incorrect"-password case or the correct-password case.

So, CORS configuration is blocking the call to this, but if I remove CORS, it is calling UnauthorizedEntryPoint.

Could you let know how to properly call this?

public class EntryPoint implements AuthenticationEntryPoint{
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
            throws IOException, ServletException{
        // here some custom code about user like values etc
        String userid = request.getParameter("userId")
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
                "Unauthorized: Authentication token was either missing or invalid.");
    }
}