Domain Aliases (CORS)
Applies to Anywhere Client and Excel Add-In connections, not to VIC connections.
This topic describes the configuration of "cross-origin resource sharing" (CORS). You may need to use this at a smaller site if connecting using a machine alias, or at a larger site if using a third-party load-balancing server.
Intranet aliases
Servers can have aliases. For example your machine "scada1" is reachable from within your network using both http://scada1 and http://scada1.CompanyName.com. If you were to add only "scada1" to your VTScada Thin Client server list, you would find that the Anywhere Client works when you visit it via http://scada1 but fails immediately after logging in if you access it via http://scada1.CompanyName.com because that name is not on the server list.
To work around this, you can tell VTScada that the Anywhere Client may also be started when the address in the URL bar of the browser is "http://scada1.CompanyName.com" by adding "scada1.CompanyName.com = 1" into the Clients-AdditionalAllowedOrigins section of Setup.INI.
[Clients-AdditionalAllowedOrigins] scada1.CompanyName.com = 1
Note that VTScada will automatically allow "scada1" if "scada1.CompanyName.com" is on the server list, so if you have a working DNS setup, put the full domain name (i.e. including .CompanyName.com ) on the server list as it will work in more situations than simply entering "pn2" would.
Internet aliases for load-balancing
You may need to provide users with a single URL that, depending on which of the VTScada Thin Client Servers are presently running, will automatically refer to one or the another server. This configuration of a single URL with failover is sometimes used by hosted solution providers. It enables them to take one or the other server offline without needing to notify customers that they must use a backup URL pointing to the backup server. The ability to do this is known as "cross-origin resource sharing" (CORS).
As an example, given the following VTScada Thin Client Server list:
- primary.CompanyName.com
- backup.CompanyName.com
If customers connect to the Anywhere Client using https://primary.CompanyName.com or https://backup.CompanyName.com, then no additional configuration is necessary beyond what is normally done for configuring VIC servers.
However, customers with the resources to do so may prefer to install a load balancing server, ScadaCentral.CompanyName.com. This will not run VTScada or host a VTScada Thin Client Server and therefore will never be part of your VTScada Thin Client server list.
The "ScadaCentral.CompanyName.com" address would resolve externally to the load balancer, which would pick one of the VTScada servers and fetch the sign in page from there. Typically such a load balancer would handle any of the servers being unreachable and send the request to one of the backups, meaning that when primary.CompanyName.com is unreachable the load balancer would route the request to backup.CompanyName.com. This is ideal for the end user as they only have to be aware of a single address.
The problem with this scenario is that none of the actual VTScada servers are aware of the ScadaCentral.CompanyName.com address, and signing into the Anywhere Client will fail. The solution is to add "ScadaCentral.CompanyName.com = 1" into the Clients-AdditionalAllowedOrigins section in Setup.INI:
[Clients-AdditionalAllowedOrigins] ScadaCentral.CompanyName.com = 1
