javascript - Can't manage to make CORS request working -

i'm trying data webservice on different domain, , i'm experiencing cors issue.

i have in controller :

$http({method: 'get', url : 'http://somewebserviceapi.com?idappli=' + appid, headers: {'authorization': 'basic dxnlcm5hbwu6cgfzc3dvcmq='}}).         success(function(data, status, headers, config) {             console.log(data);         }).         error(function() {             console.log("an error occured");         }); 

and i'm getting following errors :

options http://somewebserviceapi.com?idlangue=1&idappli=2153 b @ angular.js:9866n @ angular.js:9667$get.f @ angular.js:9383(anonymous function) @ angular.js:13248$get.n.$eval @ angular.js:14466$get.n.$digest @ angular.js:14282$get.n.$apply @ angular.js:14571showapplication @ viewercontroller.js:825handleapplications @ svgmanipulation.js:15svgpanzoom.handlemouseup @ svg-pan-zoom.js:1195svgpanzoom.setuphandlers.eventlisteners.mouseup @ svg-pan-zoom.js:829

and

xmlhttprequest cannot load http://somewebserviceapi.com?idlangue=1&idappli=2153 . no 'access-control-allow-origin' header present on requested resource. origin 'http://localhost:63342' therefore not allowed access. response had http status code 401.

now headers :

when called controller : (it seems no authentification made)

(response)

connection: keep-alive content-length: 0 date: mon, 29 jun 2015 14:33:09 gmt keep-alive: timeout=5, max=100 server: apache www-authenticate: negotiate                   basic realm="ad-its.some-company.com" 

(request)

accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-encoding: gzip, deflate accept-language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 access-control-request-headers: authorization access-control-request-methods: connection: keep-alive host: somewebserviceapi.com origin: http://localhost:63342 user-agent: mozilla/5.0 (windows nt 6.1; wow64; rv:38.0) gecko/20100101 firefox/38.0 

when go myself url :

(response)

access-control-allow-credentials: true access-control-allow-headers: content-type, origin, accept, authorization access-control-allow-methods: get, post, delete, put access-control-allow-origin: * connection: keep-alive content-length: 394 content-type: application/json;charset=utf-8 date: mon, 29 jun 2015 15:21:08 gmt keep-alive: timeout=5, max=99 server: apache 

(request)

accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-encoding: gzip, deflate accept-language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 authorization: basic dxnlcm5hbwu6cgfzc3dvcmq= connection: keep-alive cookie: jsessionid=89c1ec542bcbc42421c6207767ef8fa1 host:  http://somewebserviceapi.com user-agent: mozilla/5.0 (windows nt 6.1; wow64; rv:38.0) gecko/20100101 firefox/38.0 

and on chrome, additionally response , request header there general header visible : in header, have :

from controller request : request method:options

when go url myself : request method:get

apparently, options method way cors handle things, need add options method somewhere ?

server side, have access-control-allow-origin: * line, don't know how fix this.

this classic cors issue, when make call js , cors logic applied first call made options should return

200 ok empty response (not sure if has empty)

and headers:

access-control-allow-methods: get, post, delete, put access-control-allow-origin: *

when options correctly configured call made provided method can found in access-control-allow-methods: get, post, delete, put

although options have added access-control-allow-methods