Trying to embed Clarity Portlets in Java web application page and getting error
Load denied by X-Frame-Options: http://Clarity.com/niku/nu#action:homeActionId does not permit cross-origin framing.
Need help to fix this config issue.
The message appears due to the following header being set in the responses by Clarity:
It is a 'hard coded' header, so the only way to configure around it would be things like either proxy the accesses to Clarity (using a 3rd party product) and have that proxy remove this header from the response, or something else that would probably be unsupported such as inserting some kind of a filter into Tomcat at a level that can intercept and control the response headers. As a personal test that wouldn't require any server changes, you can use a tool like Fiddler to act as a proxy and have it strip the header from the responses for your own workstation only.
The Use Filters checkbox needs to be enabled within it:
And then you can set to either delete the header entirely, or alter it to one of the other permitted values that may be better (but use one or the other lines/boxes, don't use both at once for the same header):
The latter option of programming a Tomcat filter is only a 'maybe' and probably requires enough coding knowledge in that area to have meant not needing to ask the question to begin with. The former option can be tested using Fiddler to make sure it will work, but then will require the implementation of a proxy server if not already in use that is correctly configured to pass through all the correct requests, whilst also stripping from the responses the headers that are not desired. Both of these options necessitate your Clarity instances being on premise and not On Demand. Both of these options may 'undo' the security restrictions that help to protect your system from being abused/hacked, so change those options under caution only.
Even if you get by X-FRAME-OPTIONS header the only thing you are going to see is the login screen. You will need a session for any real display.
If the portlets that you are interested in have a NSQL query data source, it isn't to hard to just pull the data into your java application and bind it to some UI component. For example, we have network technology refresh project which every location is a major milestone in the schedule. We have a NSQL query that provides each location status (red, yellow, green along with status comments). This is merged with location data (Lat / Lon) for the sites which is then fed into a Google map for display.
We pop it into a PPM html portlet but it could have been hosted in another web app.
Retrieving data ...