Permitting web browsers to access deployed HTTP services by enabling Cross-Origin Resource Sharing
You can configure IBM® Integration Bus to permit cross-origin requests from a web browser by enabling Cross-Origin Resource Sharing (CORS).
Before you begin
About this task
If you want to permit a web page that is running in a web browser to make HTTP requests to HTTP services that are deployed to IBM Integration Bus, where those HTTP services are being hosted on an HTTP listener for an integration server or an HTTP listener for the integration node, complete the following steps:
- Enable CORS on
the HTTP listeners. The connectorName for the HTTP listener is HTTPConnector,
and for the HTTPS listener is HTTPSConnector. If both HTTP and HTTPS
are in use, you must configure the HTTP listeners for HTTP and HTTPS
independently. The following example shows how to configure the integration server HTTP listener:
mqsichangeproperties integrationNodeName -e integrationServerName -o connectorName -n corsEnabled -v trueThe following example shows how to configure the integration node HTTP listener:
mqsichangeproperties integrationNodeName -b httplistener -o connectorName -n corsEnabled -v true
- Optional: The default values for the CORS properties for the HTTP listener are permissive. All origins and HTTP methods are permitted by default. You can restrict the permitted origins and HTTP methods for cross-origin requests by configuring other CORS properties, as described in Integration server HTTP listener parameters (SOAP and HTTP nodes) and Integration node HTTP listener parameters.
- Optional: To display the currently configured CORS properties on the HTTP listener,
run the following command:
For the integration server HTTP listener:
mqsireportproperties integrationNodeName -e integrationServerName -o connectorName -rFor the integration node HTTP listener:
mqsireportproperties integrationNodeName -b httplistener -o connectorName -r
What to do next
- Test the configuration by making HTTP requests from a web page that is running in a web browser to the deployed HTTP services that are being hosted on the HTTP listener that you configured.
- Check that the HTTPInput node in the message flow is called when the request is made, and that the message flow processes the request as expected.
- Check that the response that is sent through the HTTPReply node in the message flow is returned to the web page that made the request, and that the response is not dropped by the web browser.
- Check that this processing works for all the HTTP methods that the web page makes requests for.