TM1 Forum

Hello Everyone,

I have a situation where my client wants to access TM1 web through Chrome. We have a F5 Load balancer on top of 2 web servers. I was able to modify the browser settings as per the technote but login only works when i login through the individual webserver URLs. Login works fine with Load balancer URL on IE but on Chrome/Firefox it gives below error:

Failed to load http://webserver1.net/tm1websso/Login.a ... er=server1: The 'Access-Control-Allow-Origin' header has a value 'http://webserver1.net:9510' that is not equal to the suppliedorigin. Origin 'http://loadbalancerurl' is therefore not allowed access.

Please let me know how we can enable CORS by modifying the config file in TM1.

Below is one of the technotes which i was going through.

https://www.netsparker.com/web-vulnerab ... in-header/

Current Configuration:

TM1 10.2.2
1 Admin Server
2 Webserver
1 Load Balancer(F5, Round Robin)
Users using TM1 web

Regrads
Sumit

Moved to the correct forum.

The issue has been resolved now.

We are utilizing SSO with Kerberos/IIS (Security mode 3) on TM1 10.2.2 with a special package as it is not supported in official release(hence even PMR support is not available for us). The web.config file used in that was pointing to individual webserver(it should point to Load balancing URL). Once we changed that and restarted web services it started working without any issues.

Regards
Sumit