Cisco Unity Connection CrossOrigin Resource Sharing
(CORS) for VMRest APIs
CORS TOI for TAC
Presenter Name: Aastha Wal
Date: 20th March 2014
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
1
• Abbreviations
• What is CORS?
Overview
Cisco Unity Connection APIs Supported
• Under the Hood
Network Messaging
• Configuration Using Cisco Unity Connection Administration
Administration Pages
• Troubleshooting
Checklist for CORS configuration
CORS scenarios
Tools for Debugging
Additional Information
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
2
• API
: Application Programming Interface
• CORS
: Cross Origin Resource Sharing
• CUCA
: Cisco Unity Connection Administration
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
3
What is CORS?
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
4
• Cross-Origin Resource Sharing is a standard mechanism that can be used by all browsers
for implementing cross-domain requests.
• It allows one site to access another site’s resources despite being under different domains.
Unity Connection:
• Earlier in Unity Connection Cross-domain requests was not supported due to Same Origin
Policy.
• CORS Support in VMRest in 10.5 release and onwards :
- To support access of Unity Connection deployed in multi-domain environment.
- It provides a way to allow list of “cross-domain” sites to interact with Unity
Connection using VMRest APIs.
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
5
• All VMRest APIs:
- CUPI (Cisco Unity Connection Provisioning Interface)
- CUMI (Cisco Unity Connection Messaging Interface)
- CUTI (Cisco Unity Connection Telephony Interface)
- CUNI (Cisco Unity Connection Notification Interface)
- CUII (Cisco Unity Connection Imaging Interface)
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
6
Under the Hood
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
7
• OPTIONS
• Rest Method (Head, Get, Put, Post, Delete)
Options – Do I have the access I’m requesting
Foreign
API
Server
Rest Method
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
8
Configuration
Using
Cisco Unity Connection
Administration
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
9
CUCA tree
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
10
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
11
Wild cards allowed as a
stand alone entry or only
after the protocol
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
12
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
13
Troubleshooting
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
14
• The browser must trust certificate of the original server(Cisco Unity Connection).
• The domain should be configured in the Unity Connection.
• Appropriate permissions should be given to the domain for initiating CORS request. There
are two access types, Read-Only access (GET, HEAD) and Full-access (GET, HEAD,
POST, PUT, DELETE).
• Browser can cache the preflight request based on the response header “Access-Control-
Max-Age” (in seconds). Default value is 1800 seconds / 30 mins. If changes to the
configuration is made, browser cache should be cleared to reflect that change.
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
15
No entry of domain on CORS page in CUCA
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
16
•
Here the domain entry is present on CORS page in CUCA and Read-Only access is provided.
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
17
•
Sending PUT request however in CUCA only Read-Only access is provided
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
18
•
Sending PUT request when in CUCA Full-access is provided
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
19
Following log files can be collected from RTMT:
• VMRest logs - diag_Tomcat_*.uc
• Localhost logs – localhost_access_log.txt
Below are the steps to follow on RTMT
•
Login to RTMT
•
Goto: System  Tools  Trace  Trace & Log Central
•
For diag_Tomcat logs: Click on Collect files  select Connection
TomcatApplication  finish
•
For localhost logs: Click on collect files  click next  select Cisco Tomcat 
finish
Log files will be downloaded <Path will be mentioned on the screen>
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
20
• Firefox add-on Firebug
• Fiddler
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
21
Browsers that support CORS
• http://caniuse.com/cors
Web Sites
• http://www.w3.org/TR/cors
• http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-withcross-origin-resource-sharing/
• https://developer.mozilla.org/enUS/docs/HTTP/Access_control_CORS?redirectlocale=enUS&redirectslug=HTTP_access_control
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
22