Setup Guide for cross domain (CORS)
- Jennifer (Deactivated)
- Ryosuke Kumai
- Shunsuke Osawa (Unlicensed)
- 勇生 鈴山 (Deactivated)
Owned by Jennifer (Deactivated)
Alfresco 6.2+, 7.0+
Edit /opt/alfresco/content-services/tomcat/shared/classes/alfresco-global.properties
cors.enabled=true cors.allowSubdomains=true cors.allowed.origins=https://alfresco.sample.net,https://confluence.sample.net cors.allowed.methods=GET,HEAD,POST,PUT,DELETE,OPTIONS cors.allowed.headers=Accept,Access-Control-Request-Headers,Access-Control-Request-Method,Authorization,Content-Type,Cache-Control,X-Requested-With,X-CSRF-Token cors.exposed.headers=Access-Control-Allow-Origin,Access-Control-Allow-Credentials cors.support.credentials=true cors.preflight.maxage=10 cors.allowGenericHttpRequests=true
- Specify The URL to allow on the cross-domain to cors.allowed.origins value.
(Asterisk can NOT be used here, but Please specify the appropriate both Confluence and Alfresco domain.) Edit /opt/alfresco/content-services/tomcat/conf/server.xml
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" URIEncoding="UTF-8" redirectPort="8443" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"/>Add relaxedPathChars and relaxedQueryChars if they are not.- Restart Alfresco
Alfresco 5.2 - 6.1
Make sure /opt/alfresco-content-services/tomcat/webapps/alfresco/WEB-INF/lib and cors-filter-2.5.jar, java-property-utils-1.9.1.jar is located.
- Edit /opt/alfresco-content-services/tomcat/webapps/alfresco/WEB-INF/web.xml
Uncomment <filter> between <!-- CORS Filter Begin --> and <!-- CORS Filter End -->
<!-- CORS Filter Begin --> <filter> <filter-name>CORS</filter-name> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class> <init-param> <param-name>cors.allowGenericHttpRequests</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.allowOrigin</param-name> <param-value>http://localhost:8081</param-value> </init-param> <init-param> <param-name>cors.allowSubdomains</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.supportedMethods</param-name> <param-value>GET, HEAD, POST, PUT, DELETE, OPTIONS</param-value> </init-param> <init-param> <param-name>cors.supportedHeaders</param-name> <param-value>origin, authorization, x-file-size, x-file-name, content-type, accept, x-file-type</param-value> </init-param> <init-param> <param-name>cors.supportsCredentials</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.maxAge</param-name> <param-value>3600</param-value> </init-param> </filter> <!-- CORS Filter End -->Specify The URL to allow on the cross-domain to cors.allowOrigin param-value of the init-param element.
(Asterisk is specified here, but Please specify the appropriate URL.)<init-param> <param-name>cors.allowOrigin</param-name> <!--param-value>http://localhost:8081</param-value--> <param-value>*</param-value> </init-param>Uncomment <filter-mapping> between <!-- CORS Filter Mappings Begin --> and <!-- CORS Filter Mappings End -->.
<!-- CORS Filter Mappings Begin --> <filter-mapping> <filter-name>CORS</filter-name> <url-pattern>/api/*</url-pattern> <url-pattern>/service/*</url-pattern> <url-pattern>/s/*</url-pattern> <url-pattern>/cmisbrowser/*</url-pattern> </filter-mapping> <!-- CORS Filter Mappings End -->Restart Alfresco
Alfresco 5.0.2 - 5.1
Make sure "cors-filter-1.9.3.jar,java-property-utils-1.9.1.jar" is located in "/opt/alfresco/tomcat/webapps/alfresco/WEB-INF/lib".
Edit /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/web.xml
Uncomment <filter> between <!-- CORS Filter Begin → and<!-- CORS Filter End -->
<!-- CORS Filter Begin --> <filter> <filter-name>CORS</filter-name> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class> <init-param> <param-name>cors.allowGenericHttpRequests</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.allowOrigin</param-name> <param-value>http://localhost:8081</param-value> </init-param> <init-param> <param-name>cors.allowSubdomains</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.supportedMethods</param-name> <param-value>GET, HEAD, POST, PUT, DELETE, OPTIONS</param-value> </init-param> <init-param> <param-name>cors.supportedHeaders</param-name> </init-param> <init-param> <param-name>cors.supportsCredentials</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.maxAge</param-name> <param-value>3600</param-value> </init-param> </filter> <!-- CORS Filter End -->Specify the URL to allow on the cross-domain to "cros.allowOrigin" param-value of the init-param element.
(The following asterisk specified here, but please specify with appropriate URL according to environment)
<init-param> <param-name>cors.allowOrigin</param-name> <!--param-value>http://localhost:8081</param-value--> <param-value>*</param-value> </init-param>Uncomment <filter-mapping> between <!-- CORS Filter Mappings Begin --> and <!-- CORS Filter Mappings End --> .
<!-- CORS Filter Mappings Begin --> <filter-mapping> <filter-name>CORS</filter-name> <url-pattern>/api/*</url-pattern> <url-pattern>/service/*</url-pattern> <url-pattern>/s/*</url-pattern> <url-pattern>/cmisbrowser/*</url-pattern> </filter-mapping> <!-- CORS Filter Mappings End -->Restart the Alfresco.
Alfresco 5.0.1
Put cors-filter-2.4.jar and java-property-utils-1.9.1.ja.in /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/lib directory.
Edit 'web.xml' in '/opt/alfresco/tomcat/webapps/alfresco/WEB-INF/' as shown below.
<filter> can be put anywhere on web.xml
But, <filter-mapping> must be put after "Global Localization Filter" and before "CMIS security context cleaning filter"
<filter> <filter-name>JSF Session Synchronized Filter</filter-name> <filter-class>org.alfresco.repo.web.filter.beans.SessionSynchronizedFilter</filter-class> </filter> <!-- ここから追加 Add descriptions start --> <filter> <filter-name>CORS</filter-name> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class> <init-param> <param-name>cors.allowOrigin</param-name> <param-value>*</param-value> </init-param> <init-param> <param-name>cors.allowSubdomains</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>cors.supportedMethods</param-name> <param-value>GET, POST, HEAD, PUT, DELETE, OPTIONS</param-value> </init-param> <init-param> <param-name>cors.supportedHeaders</param-name> <param-value>Content-Type, Accept, Authorization</param-value> </init-param> </filter> <!-- ここまで追加 Add descriptions end --> <filter-mapping> <filter-name>Global Localization Filter</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> </filter-mapping> <!-- ここから追加 Add descriptions start --> <filter-mapping> <filter-name>CORS</filter-name> <url-pattern>/api/*</url-pattern> <url-pattern>/service/*</url-pattern> <url-pattern>/s/*</url-pattern> <url-pattern>/cmisbrowser/*</url-pattern> </filter-mapping> <!-- ここまで追加 Add descriptions end --> <filter-mapping> <filter-name>CMIS security context cleaning filter</filter-name> <url-pattern>/cmisws/*</url-pattern> </filter-mapping>Restart the Alfresco.
Reference
About 'CORS'
Cross-origin resource sharing
W3C Cross-Origin Resource Sharing
Using CORS
Information about 'CORS' module in 'Alfresco'.