Thanks for the link Anthony, but as you can see, it was already posted and tried on my initial post.
Since then, we have dumb down a little the issue to the fact that simply having the Restful Service on the BOE server and the Tomcat on another server is causing this issue. Nothing to do for now with load balancers. Having the Design Studio application launch from BI LaunchPad which has a different URL then the destination server where we do Restful calls is creating the CORS issue. And seems it's only the logon/adsso feature of Restful. When using logon/long, it seems to go through and pass through the CORS.
Currently, I'm testing it out with WebI as I just learned from Rogerio that you can do javascript and implement Restful calls directly in WebI. As I am launching from WebI which normally uses the URL of Tomcat for the BI LaunchPad, and within the WebI, I create Restful calls to the Restful service which resides on another server. We'll see if the logon/adsso will go through... I right now that the logon/long works fine.
Why is this multiple tier installation causing issues? Shouldn't it be ok to have split the services into multiple servers? Could it be that because the Restful service is relying on another application server (WACS) instead of Tomcat, so it's like having a completely different system which we need to communicate? Moving the WACS server to the same server as the Tomcat would be a probable solution but it's not something we really want to go forward with. That would put a burden to Tomcat has we are thinking of using the Restful services to the max, thus having it's own ressources.
Any thoughts?