If your solution requires cross domain access (for instance, if your solution uses the Hyland Cloud), the following requirements must be met during the configuration and installation of your solution:
-
When modifying configuration files with URL information, always use lowercase. Cross domain cookies will fail if the case does not match for the URLs you enter during configuration.
-
The dmsVirtualRoot setting in the GIS Service web.config file must point to the Hyland Cloud load balance endpoint.
-
Within the sessionState setting in the GIS Service web.config file, the cookieSameSite attribute must be set to None.
-
The following attribute must be manually added to the <httpCookies> element in the GIS Service web.config file: requireSSL="true". For example: <httpCookies httpOnlyCookies="true" requireSSL="true"/>
-
If using a widget, the widget configuration file (typically a JSON file) must be configured to point to the Hyland Cloud load balance endpoint. The casing of the URL must exactly match the dmsVirtualRoot setting in the widget configuration file.
-
A pooled user account must be configured.
-
CORS headers must be sent, either using the GIS Service or via IIS or a load balancer.
-
To use the GIS Service to send CORS headers, set the EnableCORS setting in the GIS Service web.config file to true and configure the AllowAll and domain host settings as required. For security purposes it is recommended to enter the specific domains you wish to have access in the domain host setting as opposed to using the AllowAll setting.
Tip:As of OnBase EP5, the EnableCORS setting is set to true by default
-
To send CORS headers via IIS or a load balancer, see your IIS or load balancer documentation.
-