cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community email notifications are disrupted. While we are working to resolve, please check on your favorite boards regularly to keep up with your conversations and new topics.

CORS Exception while calling Windchill REST Services

amarjit
6-Contributor

CORS Exception while calling Windchill REST Services

I am using Windchill PDMLink Release 12.0 and Datecode with CPS 12.0.2.8

CORS issue in the Windchill while calling the Windchill REST Services from an external application

Here are the errors that I faced
Access to fetch at 'https://plm-test.intra.infineon.com/Windchill/servlet/odata/v1/Infineon/IFXParts('1231231')' from origin 'https://portal-graviteeio-sbx.icp.infineon.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
6 REPLIES 6
DmitryC
12-Amethyst
(To:amarjit)

Try looking at CORS filter in Windchill\tomcat\conf\web.xml

 

	<filter>
		<filter-name>CorsFilter</filter-name>
		<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
		<init-param>
			<param-name>cors.allowed.origins</param-name>
			<param-value>null</param-value>
		</init-param>
		<init-param>
			<param-name>cors.allowed.methods</param-name>
			<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
		</init-param>
		<init-param>
			<param-name>cors.allowed.headers</param-name>
			<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
		</init-param>
		<init-param>
			<param-name>cors.exposed.headers</param-name>
			<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
		</init-param>
		<init-param>
    <param-name>cors.support.credentials</param-name>
    <param-value>true</param-value>
		</init-param>
		<init-param>
			<param-name>cors.preflight.maxage</param-name>
			<param-value>10</param-value>
		</init-param>
	</filter>
	
	<filter-mapping>
		<filter-name>CorsFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

 

 

Kind regards,

Dmitry

amarjit
6-Contributor
(To:DmitryC)

Thanks for your response.

Is the CORS exception need to be enabled in the Windchill\tomcat\conf\web.xml or the Windchilll\codebase\WEB-INF\web.xml 

cgautier
17-Peridot
(To:amarjit)

Hello amarjit,

Can you review kb article https://www.ptc.com/en/support/article/CS378185 ?

KR,

Charles.

cgautier
17-Peridot
(To:cgautier)

Hello amarjit,

Were the information provided helpful somehow ?

KR,

Charles.

DmitryC
12-Amethyst
(To:amarjit)

Windchill help file suggest editing <Windchill_Home>\codebase\WEB-INF\web.xml 

 

As for me, I've struggled a lot a few years ago and managed to make it work by editing tomcat configuration directly and I'm certainly won't touch anything now unless it breaks 😃

Hi, I also struggled long with the cors topic. Until I finally found the problem.

 

        <filter-name>ContentCorsFilter</filter-name>
        <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
        <init-param>
            <param-name>cors.allowed.origins</param-name>
            <param-value>http://localhost:4200</param-value>
        </init-param>
        <init-param>
            <param-name>cors.support.credentials</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.methods</param-name>
            <param-value>GET,POST,OPTIONS</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.headers</param-name>
            <param-value>Content-Type,X-Requested-With,Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
        </init-param>
    </filter>
    <filter>
        <filter-name>ContentHttpHeaderSecurityFilter</filter-name>
        <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
        <init-param>
            <param-name>antiClickJackingOption</param-name>
            <param-value>ALLOW-FROM</param-value>
        </init-param>
        <init-param>
            <param-name>antiClickJackingUri</param-name>
            <param-value>http://localhost:4200</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>ContentCorsFilter</filter-name>
        <url-pattern>/servlet/WindchillAuthGW/wt.content.ContentHttp/viewContent/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.master.StandardMasterService/doDirectDownload/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.replica.StandardReplicaService/doDownload/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.replica.StandardReplicaService/doIndirectDownLoad/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.uploadtocache.DoUploadToCache_Server/doUploadToCache_Master</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.uploadtocache.DoUploadToCache_Server/doUploadToCache_Replica</url-pattern>
    </filter-mapping>
    <filter-mapping>
        <filter-name>ContentHttpHeaderSecurityFilter</filter-name>
        <url-pattern>/servlet/WindchillAuthGW/wt.content.ContentHttp/viewContent/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.master.StandardMasterService/doDirectDownload/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.replica.StandardReplicaService/doDownload/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.replica.StandardReplicaService/doIndirectDownLoad/*</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.uploadtocache.DoUploadToCache_Server/doUploadToCache_Master</url-pattern>
        <url-pattern>/servlet/WindchillGW/wt.fv.uploadtocache.DoUploadToCache_Server/doUploadToCache_Replica</url-pattern>
    </filter-mapping>

 

 My problem was, that the tag cors.allowed.headers did not have the appropriate header information in it. This is just missing in the WNC help.

Access-Control-Allow-Origin,Access-Control-Allow-Credentials

Adding the above entries to the codebase/WEB-INF/web.xml  solved all my CORS problems.

Top Tags