{"id":16121,"date":"2020-08-08T04:46:25","date_gmt":"2020-08-08T11:46:25","guid":{"rendered":"https:\/\/ephesoft.com\/docs\/?p=16121"},"modified":"2020-10-27T15:36:31","modified_gmt":"2020-10-27T22:36:31","slug":"kb00023267-how-to-enable-cors-in-ephesoft-transact","status":"publish","type":"post","link":"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/","title":{"rendered":"How to Enable CORS in Ephesoft Transact"},"content":{"rendered":"<p><span style=\"color: #333333\">In this article, you will learn how to enable Cross-origin Resource Sharing (CORS) in Ephesoft Transact. Enabling CORS will resolve Access Control Allow Origin Exception with your web application.<\/span><\/p>\n<h2><span style=\"color: #333333\"><strong>What is CORS?<\/strong><\/span><\/h2>\n<p id=\"aui-3-18-0-4_55568\"><span style=\"color: #333333\">CORS is a security feature that uses HTTP Headers that can be sent from the web server and interpreted by the browser to allow the browser to decide if it should proceed with a request or not. Part of the CORS mechanism involves the browser making a \u2018preflight\u2019 OPTIONS request to the web server so it can decide if it should send the actual request or not. <\/span><\/p>\n<p><span style=\"color: #333333\"><strong>Note: <\/strong>CORS checks are only made for requests that are not categorized as &#8220;simple requests&#8221; and one of the triggers for requests to our APIs is the inclusion of an &#8220;Authorization&#8221; header.<\/span><\/p>\n<p><span style=\"color: #333333\">CORS is controlled by the client so any custom code is written in Java for example or any custom requests made in PostMan will not be affected by CORS, however, any custom code that is executed by a modern web browser such as JavaScript will be affected by CORS.<\/span><\/p>\n<p><span style=\"color: #333333\">So in the current Ephesoft Transact configuration, we have two issues:<\/span><\/p>\n<ol id=\"aui-3-18-0-4_48090\">\n<li id=\"aui-3-18-0-4_48089\"><span style=\"color: #333333\">OPTIONS requests are not supported by the current web.xml configuration: OPTIONS requests need to be supported WITHOUT the requirement for the request to be sent with authentication (since CORS preflight requests do not include authentication). Configuration needs to be added to Ephesoft\\Application\\WEB-INF\\web.xml enables this support<\/span><\/li>\n<li id=\"aui-3-18-0-4_48093\"><span style=\"color: #333333\">CORS response headers are not configured to be returned to a client that requests them. We need to add an additional filter configuration which needs to be added to Ephesoft\\JavaAppServer\\conf\\web.xml<\/span><\/li>\n<\/ol>\n<h2 id=\"aui-3-18-0-4_55568\"><span style=\"color: #333333\"><b>Steps to Enable CORS<\/b><\/span><\/h2>\n<p><span style=\"color: #333333\">Add the following lines to\u00a0<strong>web.xml\u00a0<\/strong>file, located at <em>[Ephesoft_Directory]<\/em>\\JavaAppServer\\conf\\.<\/span><\/p>\n<p><span style=\"color: #333333\">Enter the originating server URL in the field <strong><em>&lt;server URL&gt;<\/em><\/strong>. For enabling CORS requests from multiple origins, separate each URL with a comma.<\/span><\/p>\n<pre class=\"code-java\"><span style=\"color: #333333\">&lt;filter&gt;\r\n\t&lt;filter-name&gt;CorsFilter&lt;\/filter-name&gt;\r\n\t&lt;filter-<span class=\"code-keyword\">class&gt;<\/span>org.apache.catalina.filters.CorsFilter&lt;\/filter-<span class=\"code-keyword\">class&gt;<\/span>\r\n\t&lt;init-param&gt;\r\n\t\t&lt;param-name&gt;cors.allowed.origins&lt;\/param-name&gt;\r\n\t\t&lt;param-value&gt;<em><strong>&lt;serverURL&gt;<\/strong><\/em>&lt;\/param-value&gt;\r\n\t&lt;\/init-param&gt;\r\n\t&lt;init-param&gt;\r\n\t\t&lt;param-name&gt;cors.allowed.methods&lt;\/param-name&gt;\r\n\t\t&lt;param-value&gt;GET,POST,HEAD,OPTIONS,PUT&lt;\/param-value&gt;\r\n\t&lt;\/init-param&gt;\r\n\t&lt;init-param&gt;\r\n\t\t&lt;param-name&gt;cors.allowed.headers&lt;\/param-name&gt;\r\n\t\t&lt;param-value&gt;Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Content-Disposition, Authorization&lt;\/param-value&gt;\r\n\t&lt;\/init-param&gt;\r\n\t&lt;init-param&gt;\r\n\t\t&lt;param-name&gt;cors.exposed.headers&lt;\/param-name&gt;\r\n\t\t&lt;param-value&gt;Access-Control-Allow-Origin,Access-Control-Allow-Credentials&lt;\/param-value&gt;\r\n\t&lt;\/init-param&gt;\r\n\t&lt;init-param&gt;\r\n\t\t&lt;param-name&gt;cors.support.credentials&lt;\/param-name&gt;\r\n\t\t&lt;param-value&gt;<span class=\"code-keyword\">true<\/span>&lt;\/param-value&gt;\r\n\t&lt;\/init-param&gt;\r\n\t&lt;init-param&gt;\r\n\t\t&lt;param-name&gt;cors.preflight.maxage&lt;\/param-name&gt;\r\n\t\t&lt;param-value&gt;10&lt;\/param-value&gt;\r\n\t&lt;\/init-param&gt;\r\n&lt;\/filter&gt;\r\n\r\n&lt;filter-mapping&gt;\r\n\t&lt;filter-name&gt;CorsFilter&lt;\/filter-name&gt;\r\n\t&lt;url-pattern&gt;\/*&lt;\/url-pattern&gt;\r\n&lt;\/filter-mapping&gt;<\/span><\/pre>\n<p><span style=\"color: #333333\">Add the following lines to <strong>web.xml <\/strong>file. Do not merge this security restraint with an existing<strong> \/rest\/*<\/strong> security restraint in the <strong>web.xml<\/strong>.<\/span><\/p>\n<pre class=\"code-java\"><span style=\"color: #333333\">&lt;security-constraint&gt;\r\n\t&lt;web-resource-collection&gt;\r\n\t\t&lt;web-resource-name&gt;web service&lt;\/web-resource-name&gt;\r\n\t\t&lt;url-pattern&gt;\/<span class=\"code-keyword\">rest<\/span>\/*&lt;\/url-pattern&gt;\r\n\t\t&lt;http-method&gt;OPTIONS&lt;\/http-method&gt;\r\n\t&lt;\/web-resource-collection&gt;\r\n&lt;\/security-constraint&gt;<\/span><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>In this article, you will learn how to enable Cross-origin Resource Sharing (CORS) in Ephesoft Transact. Enabling CORS will resolve [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[636,361],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v19.0 (Yoast SEO v22.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Enable CORS in Ephesoft Transact | Ephesoft Docs<\/title>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Enable CORS in Ephesoft Transact\" \/>\n<meta property=\"og:description\" content=\"In this article, you will learn how to enable Cross-origin Resource Sharing (CORS) in Ephesoft Transact. Enabling CORS will resolve [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/\" \/>\n<meta property=\"og:site_name\" content=\"Ephesoft Docs\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-08T11:46:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-10-27T22:36:31+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/\",\"url\":\"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/\",\"name\":\"How to Enable CORS in Ephesoft Transact | Ephesoft Docs\",\"isPartOf\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/#website\"},\"datePublished\":\"2020-08-08T11:46:25+00:00\",\"dateModified\":\"2020-10-27T22:36:31+00:00\",\"author\":{\"@id\":\"\"},\"breadcrumb\":{\"@id\":\"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/ephesoft.com\/docs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Enable CORS in Ephesoft Transact\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ephesoft.com\/docs\/#website\",\"url\":\"https:\/\/ephesoft.com\/docs\/\",\"name\":\"Ephesoft Docs\",\"description\":\"Intelligent Document Processing Made Easy\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ephesoft.com\/docs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to Enable CORS in Ephesoft Transact | Ephesoft Docs","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"How to Enable CORS in Ephesoft Transact","og_description":"In this article, you will learn how to enable Cross-origin Resource Sharing (CORS) in Ephesoft Transact. Enabling CORS will resolve [&hellip;]","og_url":"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/","og_site_name":"Ephesoft Docs","article_published_time":"2020-08-08T11:46:25+00:00","article_modified_time":"2020-10-27T22:36:31+00:00","twitter_card":"summary_large_image","twitter_misc":{"Written by":"","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/","url":"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/","name":"How to Enable CORS in Ephesoft Transact | Ephesoft Docs","isPartOf":{"@id":"https:\/\/ephesoft.com\/docs\/#website"},"datePublished":"2020-08-08T11:46:25+00:00","dateModified":"2020-10-27T22:36:31+00:00","author":{"@id":""},"breadcrumb":{"@id":"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ephesoft.com\/docs\/kb00023267-how-to-enable-cors-in-ephesoft-transact\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ephesoft.com\/docs\/"},{"@type":"ListItem","position":2,"name":"How to Enable CORS in Ephesoft Transact"}]},{"@type":"WebSite","@id":"https:\/\/ephesoft.com\/docs\/#website","url":"https:\/\/ephesoft.com\/docs\/","name":"Ephesoft Docs","description":"Intelligent Document Processing Made Easy","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ephesoft.com\/docs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":""}]}},"_links":{"self":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/posts\/16121"}],"collection":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/comments?post=16121"}],"version-history":[{"count":0,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/posts\/16121\/revisions"}],"wp:attachment":[{"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/media?parent=16121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/categories?post=16121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ephesoft.com\/docs\/wp-json\/wp\/v2\/tags?post=16121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}