cisco unity connection cross-origin resource sharing (cors ) for vmrest apis
DESCRIPTION
Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs. CORS TOI for TAC. Presenter Name: Aastha Wal Date : 20 th March 2014. Agenda – Cisco CORS. Abbreviations What is CORS? Overview Cisco Unity Connection APIs Supported Under the Hood Network Messaging - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/1.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 1
Cisco Unity Connection Cross-Origin Resource Sharing (CORS) for VMRest APIs
Presenter Name: Aastha Wal
Date: 20th March 2014
CORS TOI for TAC
![Page 2: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/2.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Agenda – Cisco CORS
• Abbreviations • What is CORS?
Overview Cisco Unity Connection APIs Supported
• Under the HoodNetwork Messaging
• Configuration Using Cisco Unity Connection AdministrationAdministration Pages
• TroubleshootingChecklist for CORS configurationCORS scenarios Tools for DebuggingAdditional Information
![Page 3: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/3.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Abbreviations
• API : Application Programming Interface• CORS : Cross Origin Resource Sharing• CUCA : Cisco Unity Connection Administration
![Page 4: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/4.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 4
What is CORS?
![Page 5: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/5.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
CORS
• Cross-Origin Resource Sharing is a standard mechanism that can be used by all browsers for implementing cross-domain requests.
• It allows one site to access another site’s resources despite being under different domains.
Unity Connection:
• Earlier in Unity Connection Cross-domain requests was not supported due to Same Origin Policy.
• CORS Support in VMRest in 10.5 release and onwards :
- To support access of Unity Connection deployed in multi-domain environment.
- It provides a way to allow list of “cross-domain” sites to interact with Unity Connection using VMRest APIs.
![Page 6: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/6.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Which Cisco Unity Connection API’s currently support CORS• All VMRest APIs:
- CUPI (Cisco Unity Connection Provisioning Interface)- CUMI (Cisco Unity Connection Messaging Interface)- CUTI (Cisco Unity Connection Telephony Interface)- CUNI (Cisco Unity Connection Notification Interface)- CUII (Cisco Unity Connection Imaging Interface)
![Page 7: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/7.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 7
Under the Hood
![Page 8: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/8.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Two requests are sent
ForeignAPIServer
• OPTIONS• Rest Method (Head, Get, Put, Post, Delete)
Options – Do I have the access I’m requesting
Rest Method
![Page 9: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/9.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 9
ConfigurationUsingCisco Unity Connection Administration
![Page 10: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/10.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
From the CUCA tree select CORS Under System Settings
![Page 11: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/11.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Cross-Origin Resource Sharing (CORS)
![Page 12: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/12.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
CORS “Add New”
Wild cards allowed as a stand alone entry or only after the protocol
![Page 13: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/13.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
CORS “Find”
![Page 14: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/14.jpg)
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 14
Troubleshooting
![Page 15: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/15.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Checklist for CORS configuration• The browser must trust certificate of the original server(Cisco Unity Connection).
• The domain should be configured in the Unity Connection.
• Appropriate permissions should be given to the domain for initiating CORS request. There are two access types, Read-Only access (GET, HEAD) and Full-access (GET, HEAD, POST, PUT, DELETE).
• Browser can cache the preflight request based on the response header “Access-Control-Max-Age” (in seconds). Default value is 1800 seconds / 30 mins. If changes to the configuration is made, browser cache should be cleared to reflect that change.
![Page 16: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/16.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
CORS GET request (failure scenario)No entry of domain on CORS page in CUCA
![Page 17: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/17.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
CORS GET request (success scenario)• Here the domain entry is present on CORS page in CUCA and Read-Only access is provided.
![Page 18: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/18.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
CORS PUT request (failure scenario)• Sending PUT request however in CUCA only Read-Only access is provided
![Page 19: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/19.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
CORS PUT request (success scenario)• Sending PUT request when in CUCA Full-access is provided
![Page 20: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/20.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Collect Logs from RTMT
Following log files can be collected from RTMT:
• VMRest logs - diag_Tomcat_*.uc
• Localhost logs – localhost_access_log.txt
Below are the steps to follow on RTMT• Login to RTMT
• Goto: System Tools Trace Trace & Log Central
• For diag_Tomcat logs: Click on Collect files select Connection TomcatApplication finish
• For localhost logs: Click on collect files click next select Cisco Tomcat finish
Log files will be downloaded <Path will be mentioned on the screen>
![Page 21: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/21.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Tools for Debugging CORS
• Firefox add-on Firebug
• Fiddler
![Page 22: Cisco Unity Connection Cross-Origin Resource Sharing (CORS ) for VMRest APIs](https://reader035.vdocuments.net/reader035/viewer/2022081507/568162b1550346895dd339e3/html5/thumbnails/22.jpg)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Additional Information Browsers that support CORS
• http://caniuse.com/cors
Web Sites • http://www.w3.org/TR/cors• http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cro
ss-origin-resource-sharing/
• https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS?redirectlocale=en-US&redirectslug=HTTP_access_control