IBM Security Verify

Expand all | Collapse all

ISAM - Need Help in fixing cors issue

  • 1.  ISAM - Need Help in fixing cors issue

    Posted 6 days ago
    Hello All,

    I have configured the reverse proxy(on ISAM 10) for cors with the HTTP Transformation rule. but still getting cors issue

    can anyone help?

    HTTP Transformation Rule File (cors)

    <?xml version="1.0" encoding="UTF-8"?>
    <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">

    <xsl:variable name="my-method">
    <xsl:value-of select="//HTTPRequest/RequestLine/Method" />
    </xsl:variable>

    <xsl:variable name="origin-value">
    <xsl:value-of select="//HTTPRequest/Headers/Header[@name='origin']" />
    </xsl:variable>

    <xsl:strip-space elements="*" />

    <xsl:template match="/">
    <HTTPRequestChange>
    <xsl:apply-templates />
    </HTTPRequestChange>
    </xsl:template>

    <xsl:template match="//HTTPRequest/Headers">
    <xsl:choose>
    <xsl:when test="Header/@name='origin' and $origin-value='*' and $my-method = 'OPTIONS'" >
    <HTTPResponseChange action="replace">
    <Header name="Access-Control-Allow-Origin" action="add">*</Header>
    <Header name="Access-Control-Max-Age" action="add">86400</Header>
    <Header name="Access-Control-Allow-Credentials" action="add">true</Header>
    <Header name="Access-Control-Allow-Methods" action="add">POST,OPTIONS,GET</Header>
    <Version>HTTP/1.1</Version>
    <StatusCode>200</StatusCode>
    <Reason>OK</Reason>
    <Body>x</Body>
    </HTTPResponseChange>
    </xsl:when>
    </xsl:choose>
    </xsl:template>

    </xsl:stylesheet>


    configurations in reverse proxy files

    [http-transformations]
    CORS = cors

    [http-transformations:CORS]
    request-match = request:OPTIONS /mga*


    ------------------------------
    Mukesh
    ------------------------------


  • 2.  RE: ISAM - Need Help in fixing cors issue

    Posted 6 days ago
    Even I have tried with configuring [cors-policy:corsdemo] stanza, after removing configurations related to the transformation rule.

    configurations that have been configured on the reverse proxy

    [cors-policy:corsdemo]

    request-match = OPTIONS /mga*
    request-match = GET /mga*
    request-match = POST /mga*

    handle-pre-flight = true

    allow-origin = *

    allow-credentials =

    allow-header = GET
    allow-header = PUT
    allow-header = POST
    allow-header = OPTIONS


    allow-method = GET
    allow-method = POST
    allow-method = PUT
    allow-method = OPTIONS

    max-age = 3600

    expose-header = GET
    expose-header = POST
    expose-header = PUT
    expose-header = OPTIONS

     

    can anyone help?

    ------------------------------
    Mukesh
    ------------------------------



  • 3.  RE: ISAM - Need Help in fixing cors issue

    Posted 6 days ago
    What is you desired behaviour and what is the current behaviour?  Further information is really required.

    Thanks.

    Sent from my iPad





  • 4.  RE: ISAM - Need Help in fixing cors issue

    Posted 6 days ago
    Hi Scott,

    I have created a custom login infoMap and calling as an API from Angular App(SPA).

    For testing purpose, we are running SPA on localhost but due to cross-domain of Angular(localhost) and ISAM(reverse proxy),
    ISAM throwing Cors issue.

    current behavior: we are not able to call infoMap from cross-domain.

    desired behavior: ISAM should allow calling infoMap as an API from any domain.


    ------------------------------
    Mukesh
    ------------------------------