ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Enabling x-frame support for the TDM Portal

book

Article ID: 199355

calendar_today

Updated On:

Products

CA Test Data Manager (Data Finder / Grid Tools)

Issue/Introduction

We've been asked to allow X-Frames in the CA Portal to integrate with other internal applications.

I've been told in order to do this that CA/Broadcom will need to update their Portal code to set up the x-frame property.  

Environment

Release : 4.8.1 and 4.9

Component : Test Data Manager Portal

Resolution

This has been addressed in TDMWeb-4.8.219.0, and TDMWeb-4.9.95.0..

After the installation of the patch, the Portal will behave the same as before (eg. it won't be possible to use Portal in a frame) by default.

To enable x-frame support, you will need to:

1. Stop the CA Test Data Manager Portal service

2. Modify the file <TDM_ROOT>/tomcat/conf/web.xml. The Portal service should restart automatically, but it can be restarted manually too. Also don't forget you'll need elevated privileges to modify files under the Program Files directory.

3. You need to find the following block of text:

<filter>
        <filter-name>httpHeaderSecurity</filter-name>
        <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
        <async-supported>true</async-supported>
</filter>

4. Depending on you're need, change it to one of the two options:

a) If you want to allow only same host:

    <filter>
        <filter-name>httpHeaderSecurity</filter-name>
        <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
        <async-supported>true</async-supported>
        <init-param>
            <param-name>antiClickJackingOption</param-name>
            <param-value>SAMEORIGIN</param-value>
        </init-param>
    </filter>

b) If you want to allow any host - this can be modified further to allow only specific host(s) by putting it as value of antiClickJackingUri parameter):

    <filter>
        <filter-name>httpHeaderSecurity</filter-name>
        <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
        <async-supported>true</async-supported>
        <init-param>
            <param-name>antiClickJackingOption</param-name>
            <param-value>ALLOW-FROM</param-value>
        </init-param>
        <init-param>
            <param-name>antiClickJackingUri</param-name>
            <param-value>/*</param-value>
        </init-param>
    </filter>

 

Additional Information

If you need more documentation, you can look at the Tomcat documentation, under the "HTTP Header Security Filter" section.

https://tomcat.apache.org/tomcat-9.0-doc/config/filter.html