How to configure CORS and Basic Authorization in Spring Boot?

I think you need to allow OPTION requests into your web security config. Something like:

.antMatchers(HttpMethod.OPTIONS, "/your-url").permitAll()

The browser checks CORS settings via a request with OPTIONS header. And if you've configured authorization, OPTIONS request will be blocked as unauthorized.

You can simply allow OPTIONS request via cors support in WebConfigurerAdapter.

@EnableWebSecuritypublic class WebSecurityConfig extends WebSecurityConfigurerAdapter {    @Override    protected void configure(HttpSecurity http) throws Exception {        // ...        http.cors();    }}

Check this link for more info: https://www.baeldung.com/spring-security-cors-preflight

Try this:

@Configurationpublic class CorsConfig {  @Bean  public CorsFilter corsFilter() {    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();    CorsConfiguration config = new CorsConfiguration();    config.setAllowCredentials(false); //updated to false    config.addAllowedOrigin("*");    config.addAllowedHeader("*");    config.addAllowedMethod("GET");    config.addAllowedMethod("PUT");    config.addAllowedMethod("POST");    source.registerCorsConfiguration("/**", config);    return new CorsFilter(source);  }  @Bean  public WebMvcConfigurer corsConfigurer() {    return new WebMvcConfigurerAdapter() {      @Override      public void addCorsMappings(CorsRegistry registry) {        registry.addMapping("/").allowedOrigins("http://localhost:3000");      }    };  }}