Web Server Configuration for Cross-Origin Resource Sharing (CORS)
Provides instructions on how to configure GridGuard virtual appliance (server) to support Cross-Origin Resource Sharing (CORS). This is required for GridLite deployments where the grid will be queried for from a different appliance.
Cross-origin resource sharing (CORS) is a mechanism that allows Javascript on a web page to make XMLHttpRequests to another domain, not the domain the Javascript originated from. Such "cross-domain" requests would otherwise be forbidden by web browsers, per the same origin security policy. CORS defines a way in which the browser and the server can interact to determine whether or not to allow the cross-origin request. It is more powerful than only allowing same-origin requests, but it is more secure than simply allowing all such cross-origin requests.
Prerequisites
1. Ensure GridGuard virtual appliance (server) is accessible from the client using its FQDN
2. Ensure GridGuard virtual appliance (server) has a valid certificate installed. This solution will not work with self-signed certificates.
3. Must be using a recent version of a web browser. Supported versions include:
- Internet Explorer 8 or newer
- Firefox 3.5 or newer
- Safari 4 or newer
- Chrome 3 or newer
Edit Server Configuration
1. Launch an SSH session (putty) and connect to the GridGuard virtual appliance (server)
2. Edit file /etc/httpd/conf/gridguard-http-common.conf
Add directive Header set Access-Control-Allow-Origin * under section <Location /gridguard/rest/grid>
3. Execute command 'service httpd restart'