Before you begin
To find out about
Cross-Origin Resource Sharing, why you might want to
enable it, and the implications of doing so, see
Cross-Origin Resource Sharing.
About this task
IBM Integration Bus includes
full support for
CORS according
to the specification that is available online at
Cross-Origin Resource Sharing. You can configure
the HTTP listeners for an integration server so that they respond
to and permit cross-origin requests from a web browser.
Procedure
If you want to permit a web page that is
running in a web browser to make HTTP requests to HTTP services that
are deployed to IBM Integration Bus, where
those HTTP services are being hosted on an HTTP listener for an integration
server, complete the following steps:
- Enable CORS on
the HTTP listeners. The connectorName for the HTTP listener is HTTPConnector,
and for the HTTPS listener is HTTPSConnector. If both HTTP and HTTPS
are in use, you must configure the HTTP listeners for HTTP and HTTPS
independently.
mqsichangeproperties integrationNodeName -e integrationServerName -o connectorName -n corsEnabled -v true
- Optional: The default values for
the CORS properties for the
HTTP listener are permissive. All origins and HTTP methods are permitted
by default. You can restrict the permitted origins and HTTP methods
for cross-origin requests by configuring other CORS properties, as described in Integration server HTTP listener parameters (SOAP and HTTP nodes).
- Optional: To display the currently configured CORS properties on the HTTP listener,
run the following command:
mqsireportproperties integrationNodeName -e integrationServerName -o connectorName -r
Results
Cross-Origin Resource Sharing is
now enabled. The web page that is running in a web browser is now
permitted to make HTTP requests to HTTP services that are deployed
to
IBM Integration Bus, where those HTTP services
are being hosted on an HTTP listener for an integration server.
What to do next
When CORS properties
are modified on an HTTP listener for the integration server,
the changes take effect immediately. You are not required to restart
any of the deployed HTTP services, the integration server, or the
integration node. Complete the following checks:
- Test the configuration by making HTTP requests from a web page
that is running in a web browser to the deployed HTTP services that
are being hosted on the HTTP listener that you configured.
- Check that the HTTPInput node
in the message flow is called when the request is made, and that the
message flow processes the request as expected.
- Check that the response that is sent through the HTTPReply node in the message
flow is returned to the web page that made the request, and that the
response is not dropped by the web browser.
- Check that this processing works for all the HTTP methods that
the web page makes requests for.