Syncplicity Support

Search our knowledgebase to get the help you need, today

Follow

Unable to list, upload and download files in SVA-protected folders

Users can login to MySite with an SSO account credentials but cannot list, upload, download files because SV Authentication on the StorageVault is failing.

The authentication fails by default when MY Site and Storage Connector are located in different domains.

Problem

In the my.syncplicity site, users are unable to browse shared folders that are hosted оn StorageVaults with authentication (SVA) and cannot upload files to them.

The Developer tools Console of the browser displays an exception error related to CORS policy. 

Access to XMLHttpRequest at <folder and server name> from origin <domain name> has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested source.

 

Cause

In Storage Connector 2.22.x, the Access-Control-Allow-Origin header is defined in property syncplicity.ws.cors in file /etc/syncp-storage/syncp-storage.conf that is located in the Storage Connector virtual appliance.

The default value https://*.syncplicity.com for property syncplicity.ws.cors contains a wildcard that is not properly interpreted. As a result, the Access-Control-Allow-Origin header is treated as invalid and the access control check fails.

Therefore, users cannot execute any operations on an SVA-protected StorageVault when My Site and Storage Connector are not in the same domain.

Solution

Remove the default value for property syncplicity.ws.cors and do not use values that contain wildcards.

  1. On the Storage Connector virtual appliance, open file  for editing.
    To edit in vi editor, run the following command:
    vi 
      /etc/syncp-storage/syncp-storage.conf
  2. Locate the  syncplicity.ws.cors property and verify that its value does not contain wildcards.
    The property type is semi-colon delimited. List all domains that you want to include for cross-domain resource sharing in StorageVaults with authentication.
    For example, https://syncplicity.onelogin.com;https://1layer.syncplicity.com;https://my.syncplicity.com;https://eu.syncplicity.com;

 

 

Powered by Zendesk