Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Does RTC support CORS (Cross-Origin Resource)? Needed for a Javascript OSLC consumer

 Hi,

Situation:
* Javascritp running in a Web UI want to access RTC OSLC from a different Domain
* The Browser don't allow this because of the Same Origin Policy (SOP).
* Modern Server could support this situation with CORS.
* I need this to access the OSLC rootservices and other do implement a Javascript OSLC consumer.

Question:
* Does RTC (or JTS) support CORS?
* If yes, how to enable it? 

Observations:
* There is a "Cross Domain White List" Option at the advanced properties settings of JTS.
* Even if switched on the JTS Server never send back a Header like Access-Control-Allow-Origin: http://foo.example
* Interesting is the JTS Server give back the rootservives document but the Browser say  No 'Access-Control-Allow-Origin' header is present on the requested resource.

Thanks in advance

Stefan

0 votes

Comments

 I'm also interested in this. Did you find a solution?


Accepted answer

Permanent link
Here is a way to do it, but you need to verify whether you can achieve what you want to do after getting the HTTP header.
1. Download the latest of Tomcat to replace the one shipped with CLM.
2. Install the new Tomcat.
3. Migrate the settings (server.xml, tomcat-user.xml and etc) and web applications to the new Tomcat.
4. Add a new filter to the Tomcat configuration as described in the document below.
http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter
5. Start the Tomcat server to verify.

The reason for a new Tomcat is that the CORS feature is implemented in Tomcat 7.0.41 and up while CLM ships with Tomcat 7.0.32.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55046

I tested with /jts/rootservices as mentioned in the original post. As I used a pattern "*" (allow all), the value of the HTTP request header "Origin" would appear in the response HTTP header "Access-Control-Allow-Origin" in my testing.
Stefan Hufnagl selected this answer as the correct answer

1 vote

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 10,936
× 7,494

Question asked: May 15 '14, 1:54 a.m.

Question was seen: 8,145 times

Last updated: Aug 28 '14, 6:00 a.m.

Confirmation Cancel Confirm