Enterprise Resource Planning Blogs by Members
Gain new perspectives and knowledge about enterprise resource planning in blog posts from community members. Share your own comments and ERP insights today!
cancel
Showing results for 
Search instead for 
Did you mean: 
srikanthin
Participant
2,359
When API Gateway service is used in the frontend web application there is a CORS issue to access the API Gateway Service as there is no option to enable CORS This blog post will guide you through the steps to configure Nginx reverse proxy for API Gateway Service to overcome the CORS issue

 

Install Nginx


Operating System: SUSE Linux

Open a terminal window and enter the following to install Nginx:
zypper install nginx

Once the installation is finished use the below command to enable the Nginx:
sudo systemctl enable nginx

Below mentioned are the commands to start, stop and check the Nginx status:
sudo systemctl start nginx

Once the above command is used Nginx engine is started you can use http://<HOSTNAME / IP ADDRESS>:80 URL to check. You should see the below info on the web page sometimes you might also see 403 forbidden no need to worry!


 
sudo systemctl stop nginx

sudo systemctl status nginx

Configuration


Navigate to /etc/nginx/conf.d and create a file with .conf extension


 

Maintain the reverse proxy rules in the created .conf file. Below mentioned are the proxy rules which I have used you can even modify them according to your scenario.

server {

listen 443 ssl;
server_name <HOSTNAME>;
ssl_certificate <filename>.crt;
ssl_certificate_key <filename>.key; # The private key file

location / {

if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' 'https://<HOSTNAME>:<PORT>' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
#
# Custom headers and headers various browsers *should* be OK with but aren't
#
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
#
# Tell client that this pre-flight info is valid for 20 days
#
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'application/json; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Origin' 'https://<HOSTNAME>:<PORT>' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' 'https://<HOSTNAME>:<PORT>' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
proxy_pass https://https://<HOSTNAME>:<PORT>/; #API Gateway Service URL
}


}

Restart the Nginx and check you should be able to access the API Gateway service on the Nginx HTTPS port
sudo systemctl restart nginx

 

Conclusion


In this blog post, I have covered Nginx installation in SUSE 15 Linux for configuring the reverse proxy to overcome the CORS issue for API Gateway Service.

I hope this blog post is helpful.

Thanks and Regards,

Srikanth

 
4 Comments
Labels in this area