Enable Cross-Origin Resource Sharing

Knowledge Discovery Admin is accessed through action=Admin, a request that you send to the component's ACI port. However, some features require resources from the service port (and for some components, the index port). This means that the service and index ports must accept cross-origin requests. For security reasons, the permitted origins for cross-origin requests must be explicitly configured.

To configure cross-origin resource sharing (CORS)

  1. Stop the ACI server.

  2. Open the ACI server configuration file in a text editor.

  3. In the [Service] section, set the Access-Control-Allow-Origin parameter to the URLs that you want to use to access the interface.

    Each URL must include:

    • the http:// or https:// prefix

      NOTE: Use the https:// prefix after configuring your ACI server to accept requests over SSL. If SSL is enabled on a server's ACI port, it must also be enabled on the server's index and service ports. Knowledge Discovery Admin uses the same protocol to communicate with every port.

    • the host that Knowledge Discovery Admin is served from
    • the ACI port of the component that you are using Knowledge Discovery Admin for

    Separate multiple URLs with spaces.

    For example, you could specify different URLs for local and remote access to Knowledge Discovery Admin:

    Access-Control-Allow-Origin=http://localhost:9010 http://content.example.com:9010

    Alternatively, you can set Access-Control-Allow-Origin=*, which allows you to access Knowledge Discovery Admin using any valid URL (for example, localhost, direct IP address, or the host name). The wildcard character (*) is supported only if no other entries are specified.

    If you do not set the Access-Control-Allow-Origin parameter, Knowledge Discovery Admin can communicate only with the server’s ACI port, and not the index or service ports.

  4. Start the ACI server.

    You can now access Knowledge Discovery Admin (see Access Knowledge Discovery Admin).

CORS Configuration for the Proxy Component

If you deploy the Proxy component with a unified configuration, a single configuration file is used by all the child components. When setting Access-Control-Allow-Origin, list all of the origins necessary for each child component. For example:

Access-Control-Allow-Origin=https://content.example.com:9010 https://category.example.com:9020 https://community.example.com:9030