Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
fsjovatsen Absent Member.
Absent Member.
1092 views

Cors domains


Hi,

Is there a way to set Cors domains (or just *) in 4.1.1 for Oauth and
openid. I can see its a global config on 4.2.

fs


--
fsjovatsen
------------------------------------------------------------------------
fsjovatsen's Profile: https://forums.netiq.com/member.php?userid=549
View this thread: https://forums.netiq.com/showthread.php?t=55575

0 Likes
4 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Cors domains

fsjovatsen wrote:

> Is there a way to set Cors domains (or just *) in 4.1.1 for Oauth and
> openid. I can see its a global config on 4.2.


Can you describe the problem in more detail?

There is a CORS bug fix #941674 in 4.1 SP2, not sure if that is related
to your problem or not.

However, to specify CORS domains for OAuth and OpenID - looks like you
need 4.2
0 Likes
fsjovatsen Absent Member.
Absent Member.

Re: Cors domains


The problem is that I need the Access-Control-Allow-Origin header for a
javascript client to access the userinfo end point.

fs

Alex McHugh;266174 Wrote:
> fsjovatsen wrote:
>
> > Is there a way to set Cors domains (or just *) in 4.1.1 for Oauth and
> > openid. I can see its a global config on 4.2.

>
> Can you describe the problem in more detail?
>
> There is a CORS bug fix #941674 in 4.1 SP2, not sure if that is related
> to your problem or not.
>
> However, to specify CORS domains for OAuth and OpenID - looks like you
> need 4.2



--
fsjovatsen
------------------------------------------------------------------------
fsjovatsen's Profile: https://forums.netiq.com/member.php?userid=549
View this thread: https://forums.netiq.com/showthread.php?t=55575

0 Likes
Knowledge Partner
Knowledge Partner

Re: Cors domains

fsjovatsen <fsjovatsen@no-mx.forums.microfocus.com> wrote:
>

The problem is that I need the Access-Control-Allow-Origin header for a
javascript client to access the userinfo end point.
>


Have you tried adding a standard tomcat CORS filter in web.xml directly ?

http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter

Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
ratclma Absent Member.
Absent Member.

Re: Cors domains


Hi,
did you get this resolved as seem to be having a similar problem. Did
you try a CORS filter, if so what setting needs to be applied in web.xml
on the NAM ID servers?
I dont know anything about CORS but the technical guy for mobile we're
trying to configure with NAM 4.1.1 OAuth is getting the following error
and below are his comments:

-XMLHttpRequest cannot load http://tinyurl.com/jlqlpxb. Response to
preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'https://client.example.org' is therefore not allowed
access.

I have to mention that I used host file to redirect
https://client.example.org on a htttps://localhost server I use to do
various testing on OAuth.

The error message suggests that 'https://client.example.org' is not in
the list of origins that are allowed to make 'CORS' request against the
oAuth server.

Would it be possible for you to allow 'CORS requests coming from
https://localhost and allow a redirect_uri such as https://localhost ?-

Thanks
Mark

alexmchugh;266177 Wrote:
> fsjovatsen <fsjovatsen@no-mx.forums.microfocus.com> wrote:
> >

> The problem is that I need the Access-Control-Allow-Origin header for a
> javascript client to access the userinfo end point.
> >

>
> Have you tried adding a standard tomcat CORS filter in web.xml directly
> ?
>
> http://tinyurl.com/auapuld



--
ratclma
------------------------------------------------------------------------
ratclma's Profile: https://forums.netiq.com/member.php?userid=7886
View this thread: https://forums.netiq.com/showthread.php?t=55575

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.