Configuring allowed origins for Process Portal
Process Portal makes requests to Process Federation Server and federated servers. When these services are not on the system that originated Process Portal, cross-origin resource sharing (CORS) is used to enable the browser to trust the cross-origin requests.
Before you begin
Attention: The following information also applies
to both Process Portal and
custom client web applications.
- If you intend to run BPEL processes and human tasks from Process Portal, the topology for your federated environment must include an HTTP server in front of the server that hosts the BPEL processes.
- Ensure that single-sign on is configured for all federated servers in the federated environment, including the server that hosts Process Portal. For more information, see Configuring SSO for federated environments.
About this task
To enable the cross-origin requests within the federated environment, you must configure a list of allowed origins for Process Federation Server and the federated servers. The allowed origin value is the URL prefix that the clients use to access the Process Portal web application.
For example, if the server that hosts Process Portal is available at
https://portal.mycompany.com:9443
, configure this URL to be an allowed origin on
Process Federation Server, and on each federated
server. The allowed origin indicates to Process Federation Server and federated servers that REST
requests that originate from https://portal.mycompany.com:9443
are trusted and are
to be allowed. If you use an HTTP server in front of Process Portal, use the HTTP server URL prefix as the
allowed origin.Exception: If you run BPEL process from Process Portal, do not configure allowed origins on Process Federation Server. Instead configure the allowed origins
on the HTTP server.
For more information about the various topologies, see Adding a business process management system to a federated environment.