Error: CORS xhr XMLHttpRequest blocked on WebAgent
Article ID: 197220
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On Agents (SiteMinder)
CA Single Sign On Federation (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
SITEMINDER
Issue/Introduction
When running a Web Agent, how to integrate it to use the CORS headers as seen in the SiteMinder OIDC documentation section (1)?
The browser reports a CORS error.
http://server.example.com/<app>/
CORS error xhr
Access to XMLHttpRequest at
http://server.example.com/<app>/
From origin 'http://server.example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Environment
Web Agent 12.52SP1CR09 on Apache 2.4 on RedHat 6
Resolution
The Web Agent does not support CORS header outside the OIDC journey.
The ACO Parameter CORSConfiguration is implemented in CA Access Gateway (SPS) as described only the OIDC journey (1).
An Idea has been submitted in the past (2), and still the Web Server can be configured to handle these CORS headers (3).
Additional Information
Feedback
Yes
No
Powered by
