Forum Stats

  • 3,769,349 Users
  • 2,252,952 Discussions


ORDS 21.2 Cross Origin Sharing Request issue

apexwebdeveloper Member Posts: 2 Green Ribbon

First here is the run down of what I have running.

  1. Using AWS EC2, running RHEL 7.6 with an Oracle XE and Apex 21.1 installed

  2. On that instance I have tomcat 9.0.50 and ORDS installed

  3. I am using AWS Certificate Manager for SSL/HTTPS

  4. Also using AWS Application Load Balancer, with listeners on port 8080 redirecting to 443 and 443 forwarding to port 8080

Here is the issue:

    I can access the builder login page via HTTPS, but when I try to login I get "403 Forbidden" with the message of "The request cannot be processed because this resource does not support Cross Origin Sharing requests, or the request Origin is not authorized to access this resource. If ords is being reverse proxied ensure the front end server is propagating the host name, for mod_proxy ensure ProxyPreserveHost is set to On". I get this same issue when trying to log into an application as well. If you hit http://ip_address:8080/ords, I am able to login without issue.

  I have tried many different things to try to resolve this, but nothing has worked so far. I found in the documentation for ORDS 21.1 where it states to configure "security.externalSessionTrustedOrigins", not sure where this is configured. It looks like in the ords default.xml file, which I tried but did not work.

  I am not an AWS expert, but very comfortable working with several of their services and usually can google my way out of any road block, except this one.

So, any help/advice on resolving this issue or better ways of setting this up is greatly appreciated. FYI, this is for a startup company that I am working for so trying to costs as low as possible.