Troubleshooting CORS Configuration in WSO2 APIM v3.2

-

wso2-cors

Cross-Origin Resource Sharing (CORS) is a critical mechanism that allows web applications to securely interact with resources from different origins. In WSO2 API Manager (APIM), configuring CORS correctly is essential for ensuring seamless API consumption. However, sometimes things don’t go as planned, even when the configurations seem correct. In this blog, I’ll share my experience of troubleshooting a CORS issue in WSO2 APIM v3.2 and how I resolved it.

Environment
  • Openshift Based deployment
  • WSO2 API Manager v3.2
Problem Statement
Despite applying the correct CORS configurations via the WSO2 APIM Publisher portal on a per-API basis, the API calls were failing with the following CORS error:

Access to XMLHttpRequest at 'http://192.190.29.1/api/getdetails' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

This error indicated that the preflight request was not receiving the necessary Access-Control-Allow-Origin header, which is essential for CORS to work.

Initial Troubleshooting Steps
I began by following the standard troubleshooting steps:

  • Re-publishing the API: I re-published the API to ensure that the CORS configurations were applied correctly.

  • Restarting the Server: I restarted the WSO2 server to rule out any runtime issues.

  • Double-Checking Configurations: I verified the CORS settings in the Publisher portal to ensure they were accurate.

  • Despite these efforts, the issue persisted.

Digging Deeper
When the standard steps didn’t resolve the issue, I decided to investigate further. Here’s what I did:

  • Checked Synapse Configurations: I navigated to the AM_HOME/repository/deployment/server/synapse-configs/default/sequences directory to inspect the CORS-related files.
  • Identified the Missing File: To my surprise, the _cors_request_handler_.xml file was missing from the directory. This file is crucial for handling CORS requests in WSO2 APIM.

The Solution
Once I identified the missing file, I took the following steps to resolve the issue:

  • Restored the Missing File: I manually added the _cors_request_handler_.xml file from a backup to the sequences directory.
  • Re-published the API: After restoring the file, I re-published the API to ensure the changes were applied.
  • Tested the API: I made a call to the API, and this time, the CORS configuration worked as expected.

Root Cause Analysis
The missing _cors_request_handler_.xml file was the root cause of the issue. While the exact reason for the file’s absence is unclear, it could be attributed to environmental factors such as:

  • File Deletion During Deployment: The file might have been accidentally deleted during a deployment or server restart.
  • Synapse Configuration Corruption: A potential corruption in the synapse configuration could have led to the file being omitted.
  • Incomplete Server Setup: If the server setup was incomplete or interrupted, it might have resulted in missing files.

Key Takeaways

  • Always Have Backups: Maintaining backups of critical configuration files can save you a lot of time and effort during troubleshooting.

  • Verify File Integrity: When facing configuration-related issues, always verify the integrity of the files in the relevant directories.

  • Environmental Factors Matter: Be mindful of environmental factors that could impact your setup, especially in production environments.

  • Document Your Steps: Documenting your troubleshooting steps can help you and your team resolve similar issues faster in the future.

Conclusion
Troubleshooting CORS issues in WSO2 APIM can be challenging, especially when the root cause isn’t immediately apparent. In this case, the missing _cors_request_handler_.xml file was the culprit, and restoring it resolved the issue. By sharing this experience, I hope to help others facing similar challenges and emphasize the importance of thorough investigation and proper backups. If you’ve encountered similar issues or have additional insights, feel free to share them in the comments below. Let’s learn and grow together!


Location: P52, South Extension II, Block P, New Delhi, Delhi 110049, India

Comments

Post a Comment

Popular posts from this blog

Oracle SOA Suite- Implementing Email Notification

-
Image
In this post, I am going to show how to implement email notifications in Oracle SOA Suite using BPEL process. So let's get started- Implementing email notification in Oracle SOA Suite consists of below steps: Environment- IDE- Oracle jDeveloper 11g Weblogic Server 12c Oracle SOA Suite 12c High Level Steps Keep ready email server settings. Configure & enable usermessagingdriver-email for target SOA servers via console. Setting up Email driver (usermessagingdriver-email )with email server settings via enterprise manager. Enable notifications for SOA workflows(make sure either All or EMail option is selected).. Create SOA composite application Deploy it on SOA server. Testing & done. 1. Keep ready email server settings. Keep ready your below email server settings: Outgoing Mail Server          : smtp.domain.com Outgoing Mail Server Port   : xxx Default From Address         : username@doamin...
Read more

Oracle SOA Suite 12c- PKIX path building failed & unable to find valid certification path to requested target

-
Image
Hi Everyone, in this blog I'll be writing one of the strange issue that has been encountered while working with a Oracle SOA composite running in Oracle IDAM environment and trying to invoke a SSL based remote service where SSL certification based exception has been thrown during the service invocation. Environment Oracle SOA Suite 12c  (HA Mode) Oracle IDAM 12c (HA Mode) Oracle Linux 7 External Web Service (SOAP Service) Problem Below is the exception thrown when trying to invoke an external webservice (SSL Based) via BPEL process- <bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>oracle.fabric.common.FabricInvocationException: Unable to invoke endpoint URI "https://idam.uppclonline.com/soa-infra/services/default/DefaultOperationalApproval!5.12*soa_69e4734b-d8fe-4edf-b44e-e287f61c2ddf/SMSNotification%23ApprovalProcess/SMSNotification" succe...
Read more

Migration of Oracle SOA Suite Composite from 11g to 12c

-
Image
Recently I have came across a scenario where I have a business requirement of  migration of Oracle SOA Suite 11g(11.1.1.7.0) to 12c(12.1.3.0). Below are the different mechanisms I have tried to do, few of them failed and one succeeded. Working in Oracle SOA Suite 11g is completely different from 12c. In 11g, we need to install the jDeveloper(11.1.1.7) then SOA extension separately to be installed either via offline file  (download available at  https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/156082.xml ) or through jDeveloper top menu >>  Help >> Check for Updates >> SOA Extension.  While working with 12c doesn't involves such tedious job. Only single installer is required for jDeveloper/SOA/Weblogic and is available as QuickStart Installer(download available at https://www.oracle.com/technetwork/middleware/soasuite/downloads/index.html). Approach 1- Compress(Zip) SOA composite ...
Read more