Error: CORS xhr XMLHttpRequest blocked on WebAgent
search cancel

Error: CORS xhr XMLHttpRequest blocked on WebAgent

book

Article ID: 197220

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


When running a Web Agent, how to integrate it to use the CORS headers as seen in the SiteMinder OIDC documentation section (1)?

The browser reports a CORS error.

http://www.<host name>.<Your domain>/<app>/

  CORS error xhr
  Access to XMLHttpRequest at

  http://www.<host name>.<Your domain>/<app>/
  
  From origin 'http://www.<host name>.<Your domain>' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

 

Environment


Web Agent Version:12.52 SP1 CRXX and 12.8

Resolution


The Web Agent does not support CORS header outside the OIDC journey.

The ACO Parameter CORSConfiguration is implemented in CA Access Gateway (SPS) only in the OIDC journey (1), but still the Web Server can be configured to handle these CORS headers (2). 

 

Additional Information

Powered by Wolken Software