Hi All,
I know this is not the first time this has been mentioned. I have searched for
days for a solution without success, so I am hoping someone else has solved
this in a similar environment.
System:
Windows 2008 Web Server
IIS 7
Geoserver 2.1.4
The main website runs via IIS on ssl port 443
(https://geoserver.testdomain.com:443), whereas Geoserver's Jetty webserver
runs on port 8080, non-ssl (http://geoserver.testdomain.com:8080).
The issue arises when the openlayers javascript runs on the main website. All
WMS layers are fine, but javascript will not allow the WFS (XML) layers from
the other port. This returns Origin https://geoserver.testdomain.com:443is not
allowed by Access-Control-Allow-Origin.
I have tried a number of work-arounds, including:
Using IIS URL Rewrite
http://cartoninjas.pl/post/2010/10/12/Installing-GeoServer-on-Windows-7-(x32-or-x64)-and-IIS-75.aspx (returns
"forbidden" or "site not found" errors)
Modify Jetty access control
http://jetty.4.n6.nabble.com/Jetty-Access-Control-Allow-Origin-td4634198.html (causes
the jetty server to fail in starting up)
Using an IIS proxy
http://code.google.com/p/iisproxy/issues/detail?id=8 (returns a 500 - Internal
server error)
General Info
http://stackoverflow.com/questions/9327218/access-control-allow-origin-not-allowed-by
This is not the entire list, as some methods have been removed from my browser
history, but it will give you an idea of the steps taken.
I have not run the HTML / javascript directly from the WWW directory in
Geoserver, as the WFS / WMS connection strings include a username and password,
which would then be freely available to look at in the HTML document. Instead,
they are encapsulated within the current PHP scripts running on the main IIS
domain, which offers them some protection.
If anyone has any experience with this issue, I would be grateful to hear from
you.
Many thanks,
Rob
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
