There is one application in which application deployed in http://abc.ravi.bt.com domain .
Siteminder is being used to establish SSO for the application.
After every 5mins when user access the application they get redirected to https://abc.xyz.com(is the cookie provider server) which is in a different domain.
These cross domain http requests fails to reach the actual server and error out with the following exception in the browser ? ?XMLHttpRequest cannot load https://abc.xyz.com/SmMakeCookie.ccc?SMSESSION=?%2ecom%2fcqm%2fquotes%3fcustomerID%3d170953%26salesChannel%3dBT%2bAMERICAS. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://sap.ravi.bt.com' is therefore not allowed access.? As a result every http request, send in after every 5 mins ,from our client (browser) is failing and fetching no result.
Which is causing major problem in client side. Application team tried adding following Header para to Request & Response Header in client & Http webserver config ? ?Access-Control-Allow-Origin: *?.
However it?s didn?t resolve the problem however we tried setting response attribute header as ?Access-Control-Allow-Origin? name and value as * but didn?t work.