When accessing the SAS BI Web Service interface in SAS 9.4M8, the following CORs error might occur in the browser console logging for the /SASBIWS/services/path_to_stored_process?WSDL URL:
Access to XMLHttpRequest at 'https://server.domain:port/SASBIWS/services/path_to_stored_process?WSDL' from origin 'https://orgin.domain' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status
This error message might vary between browsers, but the URL that it points to (/SASBIWS/services/path_to_stored_process?WSDL) stays the same.
SAS® Web Application Server returns an HTTP 405 in response to OPTIONS /SASBIWS/services/path_to_stored_process?WSDL. You can verify whether an HTTP 405 response occurred by reviewing the server's local host access logs.
Once you apply the hot fix for this issue, you must update the SASServer1_1 web application server web.xml to enable the updates to allow CORS preflight checks:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Change the above entry as follows:
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>optionsRequestFilter</filter-name>
<filter-class>com.sas.web.services.filter.OptionsRequestFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>optionsRequestFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>