Issue:

After enabling SSO for tomcat using waffle ("waffle-distro-3.3.0-distro) the upload attachment is failing in both IIS and Tomcat.

Since both IIS and Tomcat are on SSO, the attachment upload from IIS is failing as Tomcat Cors plus Waffle(SSO) is complaining about CORS. The waffle is not officially tested or certified and as such an official changes would be available for the attmnt_upload.js

Need to make the following changes to fix the issue:

1. In the web.xml,  for waffle SSO filter, use

<filter>
 <filter-name>SecurityFilter</filter-name>
 <filter-class>waffle.servlet.CorsAwareNegotiateSecurityFilter</filter-class>
</filter>

For CORS settings, add the required origins instead of * and add cors.support.credentials

<init-param>
               <param-name>cors.allowed.origins</param-name>
               <param-value>http://titan-ntlm</param-value>
 </init-param>

<init-param>
               <param-name>cors.support.credentials</param-name>
               <param-value>true</param-value>
 </init-param>

2. Customize the attmnt_upload.js file by placing it in site\mods.

In the function Upload(), add the lines

gridRowsArray[i].data.headers = {'X-Requested-With': 'XMLHttpRequest'};
gridRowsArray[i].data.xhrFields = {'withCredentials': true};

after the line

gridRowsArray[i].data.url = servletPath;

3. Delete browser cache and restart tomcat.