Ping Identity Data Governance Server - HTTP Servlet Cross Origin Policy

Data Governance Server Documentation Index
Configuration Reference Home

HTTP Servlet Cross Origin Policy

This object describes a configuration for handling Cross-Origin HTTP requests using the Cross Origin Resource Sharing (CORS) protocol, as defined at http://www.w3.org/TR/cors. An instance of HTTP Servlet Cross Origin Policy can be associated with zero or more HTTP Servlet Extensions to set the Cross-Origin policy for those servlets.

↓Relations to This Component
↓Properties
↓dsconfig Usage

Relations to This Component

The following components have a direct aggregation relation to HTTP Servlet Cross Origin Policies:

HTTP Servlet Extension

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ description	None
↓ cors-allowed-methods
↓ cors-allowed-origins
↓ cors-exposed-headers
↓ cors-allowed-headers
↓ cors-preflight-max-age
↓ cors-allow-credentials

Basic Properties

description

Description	A description for this HTTP Servlet Cross Origin Policy
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

cors-allowed-methods

Description	A list of HTTP methods allowed for cross-origin access to resources. i.e. one or more of GET, POST, PUT, DELETE, etc.
Default Value	GET
Allowed Values	A string
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

cors-allowed-origins

Description	A list of origins that are allowed to execute cross-origin requests. A value of "" indicates that any origin is allowed to access the resource. (Use of "" is not recommended for resources where security or privacy is a significant concern.)
Default Value	No origins are allowed.
Allowed Values	A string
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

cors-exposed-headers

Description	A list of HTTP headers other than the simple response headers that browsers are allowed to access. These headers will be returned in the 'Access-Control-Expose-Headers' header of a response to a simple cross-origin request. The definition of a 'simple' response header can be found at http://www.w3.org/TR/cors.
Default Value	No non-simple headers are exposed.
Allowed Values	A string
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

cors-allowed-headers

Description	A list of HTTP headers that are supported by the resource and can be specified in a cross-origin request. These headers will be returned in the 'Access-Control-Allow-Headers' header of a pre-flight response.
Default Value	Origin Accept X-Requested-With Content-Type Access-Control-Request-Method Access-Control-Request-Headers Authorization
Allowed Values	A string
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

cors-preflight-max-age

Description	The maximum amount of time that a preflight request can be cached by a client.
Default Value	30 minutes
Allowed Values	A duration. Lower limit is 0 seconds.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

cors-allow-credentials

Description	Indicates whether the servlet extension allows CORS requests with username/password credentials.
Default Value	false
Allowed Values	true false
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

dsconfig Usage

To list the configured HTTP Servlet Cross Origin Policies:

dsconfig list-http-servlet-cross-origin-policies
     [--property {propertyName}] ...

To view the configuration for an existing HTTP Servlet Cross Origin Policy:

dsconfig get-http-servlet-cross-origin-policy-prop
     --policy-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing HTTP Servlet Cross Origin Policy:

dsconfig set-http-servlet-cross-origin-policy-prop
     --policy-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new HTTP Servlet Cross Origin Policy:

dsconfig create-http-servlet-cross-origin-policy
     --policy-name {name}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing HTTP Servlet Cross Origin Policy:

dsconfig delete-http-servlet-cross-origin-policy
     --policy-name {name}