Idea Details

Enable .fcc page to support OPTIONS method

Last activity 15 days ago
Pasquale_Russo's profile image
09-14-2018 03:46 AM



-------- THE PROBLEM ----------

We discovered that any webagent (webagent on IIS for instance or any Secure Proxy) isn't able to handle an OPTIONS request when it is executed directly in a .fcc page.

-------- THE PROBLEM ----------\


-------- DETAILS ----------

In large customer environment it usually happens that the user's browser (for different reasons) tries to initialized a pre-flight request (a CORS request) using the OPTIONS method.

When this happens in a standard protected resource, it works correctly: just adding the OPTIONS method to the webagent and to the rule. In this case the request got a 200.

When the OPTIONS request is directed to a login.fcc page, the agent handles in a different way the request, due that in the request there is the presence of "login.fcc" words. In this case the user got an Error 500 and the CORS reqest fails

-------- DETAILS ----------\


------- LOGS for references ---------

An OPTIONS request to a login.fcc causes this error:

[08/23/2018][16:40:52][2728][2568][CSmHttpPlugin.cpp:8792] [CSmHttpPlugin::ProcessAdvancedAuthResource][000080fe00000000c4dc8c3459a112a4- 0aa8-5b7ec774-0a08-032f1343][][][][][][HTTP method options not supported in Advanced Auth]

------- LOGS for references ---------\


------- Environment ---------

SSO 12.8 and 12.52

Webagent 12.52 SP1 (latest CR)

SPS 12.7 on Windows

------- Environment ---------\



-------- IDEA - REQUEST ----------

The idea/request is to enable the support of OPTIONS method requests point directly to a login.fcc page.

-------- IDEA - REQUEST ----------\




Pasquale Russo


12-17-2018 05:15 PM

This CORS support should be for all .*cc files. scc. .fcc, .ccc etc. The product should support CORS across the board.

11-14-2018 05:49 AM

Good Idea, voting Yes

10-17-2018 11:42 AM

Thank you for your contribution of an enhancement idea to the CA Community. CA is continually working to improve its software and services to best meet the needs of its customers. Your input is vital to that effort. The CA Single Sign-On Product Management team is reviewing your enhancement suggestion following the process outlined here: 

The Community will continue to be able to vote on this enhancement idea.