||
Skip to end of metadata
Go to start of metadata

The content given here explains how you can enable some optional configurations for your application. The instructions given here are applicable to all applications (generic web applications, JAX-RS/JAX-WS applications and Jaggery application) that are deployable in WSO2 AS. 

Enable SaaS mode for applications

You can enable SaaS mode for your applications by configuring the META-INF/context.xml file relevant to each web application. This configuration allows the web application to be shared among multiple tenants.

To enable SaaS mode:

  1. Open the META-INF/context.xml file of your web application from the archive directory.
  2. Update the following section to enable/disable SaaS mode for your application:

    <Context>
    	<Realm className="org.wso2.carbon.tomcat.ext.realms.CarbonTomcatRealm" 
          enableSaaS="true" 
          saasRules="*"  />
    </Context>
    • The enableSaaS parameter can be set to "true" or "false". The value you give for this parameter will depend on the use case. 

    • The saasRules parameter controls how the web application should be shared among tenants. For example, consider that a tenant wants to share its web application with wso2.com, foo.com and bar.com. You can change the parameter value according to the use case as shown below.

      If all tenants can access this application, enter the following:

      <Context>
      	<Realm className="org.wso2.carbon.tomcat.ext.realms.CarbonTomcatRealm" 
            enableSaaS="true" 
            saasRules="*"  />
      </Context>

      If all tenants except foo.com and bar.com can access this application, enter the following:

      <Context>
      	<Realm className="org.wso2.carbon.tomcat.ext.realms.CarbonTomcatRealm" 
            enableSaaS="true" 
            saasRules="*, !foo.com,!bar.com"  />
      </Context>

      If only foo.com and bar.com (all users) can access this application, enter the following:

      <Context>
      	<Realm className="org.wso2.carbon.tomcat.ext.realms.CarbonTomcatRealm" 
            enableSaaS="true" 
            saasRules="foo.com,bar.com"  />
      </Context>

      If only Sam and admin in foo.com tenant and all users in bar.com tenant can access this application, enter the following: 

      <Context>
      	<Realm className="org.wso2.carbon.tomcat.ext.realms.CarbonTomcatRealm" 
            enableSaaS="true" 
            saasRules="foo.com;users=Sam,admin,bar.com"  />
      </Context>

If you have not configured SaaS for your application as explained above, you will be warned with the following message when the application is invoked: "To enable SaaS mode for the webapp, "<webapp-name>", configure the CarbonTomcatRealm in META-INF/context.xml".

Enabling CORS for applications

If required, you can enable CORS (cross origin resource sharing) for web applications by adding the CORS filter to the web.xml file as shown in the following example. 

<filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>*</param-value>
    </init-param>
    <init-param>
        <param-name>cors.allowed.methods</param-name>
        <param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE,PATCH</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CorsFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

The parameters used in this example are as follows:  

  • The cors.allowed.origins parameter is used to specify the web domains that should be allowed to share resources with the web application. The domain names should be specified as parameter values. If the parameter value is set to '*' as shown above, or if this parameter is not used at all, resource sharing will be allowed for all origins (all web domains). 
  • The cors.allowed.methods parameter is used to specify the type of requests for which CORS should be enabled. You can list the allowed methods as parameter values. 
  • No labels