Before you begin
Find out about
Cross-Origin Resource Sharing,
why you might want to enable it, and the implications of doing so,
see
Cross-Origin Resource Sharing.
About this task
IBM Integration Bus includes full support for
CORS according to the specification that is available online at
Cross-Origin Resource Sharing. You can configure the HTTP listeners for an integration server so that they respond to and permit cross-origin requests from a web browser. You cannot configure the HTTP listeners for an integration node to respond to cross-origin requests from a web browser.
Procedure
If you want to permit a web page that is running in a
web browser to make HTTP requests to HTTP services that are deployed
to IBM Integration Bus, where those HTTP services
are being hosted on an HTTP listener for an integration server, complete
the following steps:
- Enable CORS on the
HTTP listeners for the integration server. The connectorName for the
HTTP listener is HTTPConnector, and for the HTTPS listener is HTTPSConnector.
If both HTTP and HTTPS are in use, you must configure the HTTP listeners
for HTTP and HTTPS independently.
mqsichangeproperties integrationNodeName -e integrationServerName -o connectorName -n corsEnabled -v true
- Optional: The default values for the CORS properties for the HTTP listener
are permissive. All origins and HTTP methods are permitted by default.
You can restrict the permitted origins and HTTP methods for cross-origin
requests by configuring other CORS properties,
see Integration server HTTP listener parameters (SOAP and HTTP nodes).
- Optional: To display the currently configured CORS properties on the HTTP listener,
run the following command:
mqsireportproperties integrationNodeName -e integrationServerName -o connectorName -r
Results
Cross-Origin Resource Sharing is now enabled. The web page that is running in a web browser is now permitted to make HTTP requests to HTTP services that are deployed to
IBM Integration Bus, where those HTTP services are being hosted on an HTTP listener for an integration server.
What to do next
When
CORS properties are modified on an HTTP listener for the integration server, the changes take effect immediately. You are not required to restart any of the deployed HTTP services or the integration server itself.
Compltete the following checks:
- Test the configuration by making HTTP requests from a web page that is running in a web browser to the deployed HTTP services that are being hosted on the HTTP listener that you configured.
- Check that the HTTPInput node in the message flow is called when the request is made, and that the message flow processes the request as expected.
- Check that the response that is sent through the HTTPReply node in the message flow is returned to the web page that made the request, and that the response is not dropped by the web browser.
- Check that this processing works for all of the HTTP methods that the web page makes requests for.