inteligr8/alfresco-ng2-components
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-ng2-components.git synced 2025-07-24 17:32:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
58af422d6299d94ebd8d51088a0a9aff64a1e290
alfresco-ng2-components/ALFRESCOCORS.md
Mario Romano 5a2dbbcb67 Update ALFRESCOCORS.md
2016-12-16 18:01:30 +00:00

2.6 KiB
Raw Blame History

Enable CORS in Alfresco

The web client that we are building with the application development framework will be loaded from a different web server than the Alfresco Platform is running on. So we need to tell the Alfresco server that any request that comes in from this custom web client should be allowed access to the Content Repository. This is done by enabling CORS.

To enable CORS in the Alfresco Platform do one of the following:

##Recommended - Download and install the enable CORS module

This is the easiest way, add the enablecors platform module JAR to the $ALF_INSTALL_DIR/modules/platform directory and restart the server.

Note. by default the CORS filter that is enabled will allow any orgin.

##Or - Manually update the web.xml file

Modify $ALF_INSTALL_DIR/tomcat/webapps/alfresco/WEB-INF/web.xml and uncomment the following section and update cors.allowOrigin to http://localhost:3000:

<filter>
      <filter-name>CORS</filter-name>
      <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
      <init-param>
         <param-name>cors.allowGenericHttpRequests</param-name>
         <param-value>true</param-value>
      </init-param>
      <init-param>
         <param-name>cors.allowOrigin</param-name>
         <param-value>http://localhost:3000</param-value>
      </init-param>
      <init-param>
         <param-name>cors.allowSubdomains</param-name>
         <param-value>true</param-value>
      </init-param>
      <init-param>
         <param-name>cors.supportedMethods</param-name>
         <param-value>GET, HEAD, POST, PUT, DELETE, OPTIONS</param-value>
      </init-param>
      <init-param>
         <param-name>cors.supportedHeaders</param-name>
         <param-value>origin, authorization, x-file-size, x-file-name, content-type, accept, x-file-type</param-value>
      </init-param>
      <init-param>
         <param-name>cors.supportsCredentials</param-name>
         <param-value>true</param-value>
      </init-param>
      <init-param>
         <param-name>cors.maxAge</param-name>
         <param-value>3600</param-value>
      </init-param>
</filter>

When specifying the cors.allowOrigin URL make sure to use the URL that will be used by the web client.

Then uncomment filter mappings:

<filter-mapping>
      <filter-name>CORS</filter-name>
      <url-pattern>/api/*</url-pattern>
      <url-pattern>/service/*</url-pattern>
      <url-pattern>/s/*</url-pattern>
      <url-pattern>/cmisbrowser/*</url-pattern>
</filter-mapping>