I need to access my identity server from a different domain, I am using REST endpoints provided by the WSO2IS for login, signup, user info, etc.
I have tried the following configuration without any success:
1 Answers
1
votes
Add the below config to <IS-HOME>/repository/resources/conf/templates/repository/conf/tomcat/web.xml.j2 in WSO2 Identity Server distribution pack.
Note that below is a sample taken from https://github.com/wso2/identity-apps#run-in-dev-mode. This should work for you as well.
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>https://localhost:9000, https://localhost:9001</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, HEAD, POST, DELETE, OPTIONS, PATCH, PUT</param-value>
</init-param>
<init-param>
<param-name>cors.exposedHeaders</param-name>
<param-value>Location</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
In the above for param-value of <param-name>cors.allowOrigin</param-name> Add the hosts you want to allow CORS(You can add multiple Comma-separated or Whitespace-separated values). If the host has a port, that should be included as well. Ideally it should be in the format <protocol>://<host>:<port>.
Also in the above for param-value of <param-name>cors.supportedMethods</param-name>. Add the HTTP methods you will need (You will always need the OPTIONS method as that is the one used for the CORS check).
You can configure the URLs to allow CORS using the <url-pattern> config. <url-pattern>/*</url-pattern> means CORS is allowed for all URLs of the Identity Server.
For more info on the CORS filter configurations refer: http://software.dzhuvinov.com/cors-filter-configuration.html
