IBM Integration Bus, Version 10.0.0.0 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS


Permitting web browsers to access deployed HTTP services by enabling Cross-Origin Resource Sharing

You can configure IBM® Integration Bus to permit cross-origin requests from a web browser by enabling Cross-Origin Resource Sharing (CORS).

Before you begin

Find out about Cross-Origin Resource Sharing, why you might want to enable it, and the implications of doing so, see Cross-Origin Resource Sharing.

About this task

IBM Integration Bus includes full support for CORS according to the specification that is available online at Cross-Origin Resource Sharing. You can configure the HTTP listeners for an integration server so that they respond to and permit cross-origin requests from a web browser. You cannot configure the HTTP listeners for an integration node to respond to cross-origin requests from a web browser.

Procedure

If you want to permit a web page that is running in a web browser to make HTTP requests to HTTP services that are deployed to IBM Integration Bus, where those HTTP services are being hosted on an HTTP listener for an integration server, complete the following steps:

  1. Enable CORS on the HTTP listeners for the integration server. The connectorName for the HTTP listener is HTTPConnector, and for the HTTPS listener is HTTPSConnector. If both HTTP and HTTPS are in use, you must configure the HTTP listeners for HTTP and HTTPS independently.
    mqsichangeproperties integrationNodeName -e integrationServerName -o connectorName -n corsEnabled -v true
  2. Optional: The default values for the CORS properties for the HTTP listener are permissive. All origins and HTTP methods are permitted by default. You can restrict the permitted origins and HTTP methods for cross-origin requests by configuring other CORS properties, see Integration server HTTP listener parameters (SOAP and HTTP nodes).
  3. Optional: To display the currently configured CORS properties on the HTTP listener, run the following command:
    mqsireportproperties integrationNodeName -e integrationServerName -o connectorName -r

Results

Cross-Origin Resource Sharing is now enabled. The web page that is running in a web browser is now permitted to make HTTP requests to HTTP services that are deployed to IBM Integration Bus, where those HTTP services are being hosted on an HTTP listener for an integration server.

What to do next

When CORS properties are modified on an HTTP listener for the integration server, the changes take effect immediately. You are not required to restart any of the deployed HTTP services or the integration server itself.
Compltete the following checks:
  • Test the configuration by making HTTP requests from a web page that is running in a web browser to the deployed HTTP services that are being hosted on the HTTP listener that you configured.
  • Check that the HTTPInput node in the message flow is called when the request is made, and that the message flow processes the request as expected.
  • Check that the response that is sent through the HTTPReply node in the message flow is returned to the web page that made the request, and that the response is not dropped by the web browser.
  • Check that this processing works for all of the HTTP methods that the web page makes requests for.

ap04200_.htm | Last updated 2015-03-27 19:27:13