If you want to use an external web site to call Spectrum™ Technology Platform, Cross-Origin
Resource Sharing (CORS) must be enabled. CORS prevents unauthorized web applications
from using services from a server like the Spectrum™ Technology Platform. You can
find more information on enabling CORS in your Spectrum™ Technology Platform
Administration Guide.
-
Edit the spectrum-advanced.properties in the Spectrum/server/app/conf
folder.
-
Set the spectrum.jetty.cors.enabled property to
true to enable CORS. The default is
false.
-
Add your web server host name to the spectrum.jetty.cors.allowedOrigins
property that contains a comma separated list of origins that are allowed to
access resources on the Spectrum™ Technology Platform server. The default value
is http://localhost:8080,http://localhost:443.
Change to something similar to:
spectrum.jetty.cors.allowedOrigins=http://myserver:port.
In this example, myserver is the machine name for the web server. The
machine name is case sensitive. You need to change that to your server (machine)
name. In most cases, the server name needs to be in lower case. Also, define the
port that the web server uses.
-
In the spectrum-advanced.properties file, to allow CORS authentication,
add ", Authorization” to the end of the
spectrum.jetty.cors.allowedHeaders option. For example:
spectrum.jetty.cors.allowedHeaders=X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization