[keycloak-user] Enabling CORS
Bill Burke
bburke at redhat.com
Sun Feb 22 14:39:14 EST 2015
I should add that you have to specify valid origins in the admin console
for the application if you want to use our cors support.
On 2/22/2015 11:18 AM, Christopher Wallace wrote:
> I am seem to have a singifigant challenge getting CORS enabled in Tomcat
> for Keyloak. I have taken the following step:
>
> *enabled CORS in keycloak.json as follows:*
> "enable-cors" : true,
> "cors-max-age" : 1000,
> "cors-allowed-methods": "POST, PUT, DELETE, GET"
>
> *enabled CORS in web.xml as follows:
> *<filter>
> <filter-name>CORS</filter-name>
> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
> </filter>
> <filter-mapping>
> <filter-name>CORS</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
> *
> *
> *installed JARs in $CATALINA_HOME/lib:
> *
> 27723 Feb 22 11:02 cors-filter-2.3.jar
> 7847 Feb 22 11:04 java-property-utils-1.9.1.jar
>
> *recieve the following error
> *GET http://localhost:8082/auth/realms/worktrac/account [HTTP/1.1 403
> Forbidden 11ms]
>
> Cross-Origin Request Blocked: The Same Origin Policy disallows reading
> the remote resource at
> http://localhost:8082/auth/realms/worktrac/account. This can be fixed by
> moving the resource to the same domain or enabling CORS.
>
> *request URL is
> *http://localhost:8080/mprworktrac/userinfo.html*
> *
>
> --
> Chris Wallace
> cjwallac at gmail.com <mailto:cjwallac at gmail.com>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-user
mailing list