[keycloak-user] No 'Access-Control-Allow-Origin' header is present on the requested resource

Grant Marrow grantmarrow at gmail.com
Wed Nov 16 15:07:41 EST 2016


Ok below is a step by step of events:

1. User navigates to web application at http://localhost:9000

2. Use clicks the sign in button at http://localhost:9000/login

3. User is redirected to keycloak at http://localhost:8080 to login

4. Once signed in the user ia redirected to http://localhost:9000

5. Authenticated User navigates to registrations page at
http://localhost:9000/registrations. During this step a http GET request is
done to http://localhost:8081/leap-service/resouces/private/registrations.

At the above step the error occurs. Please let me know if you need more
information. Thanks

Regards
Grant
On 16 Nov 2016 20:26, "Grant Marrow" <grantmarrow at gmail.com> wrote:

> Hi Chris
>
> Thanks for getting back to me.  I have done that and it didnt work.  I
> have also tired adding *. That did not work as well. What else can I try?
>
> Please let me know. Thanks
>
> Regards
> Grant
> On 16 Nov 2016 20:15, "Chris Savory" <chris.savory at edlogics.com> wrote:
>
>> In the admin, click on Clients, then select your client.  Do you have any
>> values for “Web Origins” there?  If not, you need to add
>>http://localhost:9000’
>>
>> --
>> Christopher Savory
>> Software Engineer | EdLogics
>> www.edlogics.com <http://www.edlogics.com/>
>>
>>  <http://www.edlogics.com/>
>>  <https://www.linkedin.com/company/edlogics> <
>> https://twitter.com/EdLogics>
>>
>> On 11/16/16, 1:08 PM, "keycloak-user-bounces at lists.jboss.org on behalf
>> of Grant Marrow" <keycloak-user-bounces at lists.jboss.org on behalf of
>> grantmarrow at gmail.com> wrote:
>>
>>     Hi,
>>
>>     I really need some help. I keep on getting the following error:
>>
>>
>>     *No 'Access-Control-Allow-Origin' header is present on the requested
>>     resource. Origin 'http://localhost:9000 <http://localhost:9000/>' is
>>     therefore not allowed access. The response had HTTP status code 500.*
>>
>>     This is my setup:
>>
>>     *Front End:*
>>     - angular 1.5 web application running at http://localhost:9000
>>     - client configuration on keycloak admin console:
>>     - keycloak.json:
>>
>>     {
>>       "realm": "leap",
>>       "auth-server-url": "http://localhost:8080/auth",
>>       "ssl-required": "external",
>>       "resource": "leap-web",
>>       "public-client": true
>>     }
>>
>>
>>     *Auth Server*
>>     - keycloak version 2.30Final running at http://localhost:8080
>>
>>     *Web service*
>>     - java REST service running on Tomcat version 8.5
>>     - client config on keycloak admin console:
>>     - web.xml of rest service:
>>
>>     <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> xmlns="
>>     http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="
>>     http://java.sun.com/xml/ns/javaee
>>     http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID"
>>     version="3.0">
>>       <display-name>Archetype Created Web Application</display-name>
>>       <module-name>leap-service</module-name>
>>      <listener>
>>         <listener-class>com.hm.leap.service.init.ContextListener</li
>> stener-class>
>>
>>       </listener>
>>     <context-param>
>>     <param-name>persistentUnit</param-name>
>>     <param-value>leap</param-value>
>>     </context-param>
>>
>>       <security-constraint>
>>       <web-resource-collection>
>>       <web-resource-name>Leap-Service</web-resource-name>
>>       <url-pattern>/resources/private/*</url-pattern>
>>       </web-resource-collection>
>>       <auth-constraint>
>>       <role-name>user</role-name>
>>       </auth-constraint>
>>       </security-constraint>
>>
>>        <login-config>
>>             <auth-method>KEYCLOAK</auth-method>
>>             <realm-name>leap</realm-name>
>>        </login-config>
>>
>>       <security-role>
>>       <role-name>user</role-name>
>>       </security-role>
>>
>>     </web-app>
>>
>>     - I also have the valve setup on my context.xml that lives in the
>> META-INF
>>     directory
>>     <Context path="/leap-service">
>>     <Valve
>>     className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
>>
>>     </Context>
>>
>>     - keycloak.json:
>>
>>     {
>>       "realm": "leap",
>>       "bearer-only": true,
>>       "auth-server-url": "http://localhost:8080/auth",
>>       "ssl-required": "external",
>>       "resource": "leap-service",
>>       "enable-cors": true
>>     }
>>
>>     The error occurs in the following scenario:
>>     - The angular web app launches, the user clicks the login button which
>>     redirects to Keycloak. The user signs in. The user then tries
>> navigates to
>>     another page. This page then executes a GET request on my REST service
>>     which returns a list which is displayed in a table. But while
>> executing the
>>     GET request, I receive the error:
>>
>>     *No 'Access-Control-Allow-Origin' header is present on the requested
>>     resource. Origin 'http://localhost:9000 <http://localhost:9000/>' is
>>     therefore not allowed access. The response had HTTP status code 500.*
>>
>>     In my Tomcat log file. I see the following warning message:
>>
>>
>>     *11-Nov-2016 11:28:19.464 WARNING [http-nio-8081-exec-2]
>>     org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage
>> No
>>     login page was defined for FORM authentication in context
>> [/leap-service]*
>>
>>     I really can't seen to pinpoint the error. I find it quite strange
>> because
>>     I have the same setup but using an older version of keycloak (1.9*),
>> which
>>     worked fine. I know this might be a silly problem, but if you have
>> some
>>     time to help me, I would really appreciate it. Thanks.
>>
>>     Regards
>>     Grant
>>     _______________________________________________
>>     keycloak-user mailing list
>>     keycloak-user at lists.jboss.org
>>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>


More information about the keycloak-user mailing list