[keycloak-user] CORS setup
Zeus Arias Lucero | BEEVA
zeus.arias at beeva.com
Tue Jan 24 10:20:04 EST 2017
Sorry, it does not work.
You can write here the steps for a configuration correct
My client configuration is:
___________________________________________________________________________________
Client ID: app
Name: app
Description:
Enabled: ON
Consent Required: OFF
Client Protocol: openid-connect
Client Template:
Access Type: public
Standard Flow: ON
Implicit Flow: ON
Direct Access Grants: OFF
Authorization: OFF
Root URL: https://localhost:8080/sso/login
Base URL
Admin URL
Web Origins: https://localhost:8080
https://*:8080
https://*
_______________________________________________________________________________
My keycloak.json
{
"realm": "REALM",
"realm-public-key": "KEY",
"auth-server-url": "https://example:8443/auth",
"ssl-required": "all",
"enable-cors" : true,
"cors-max-age" : 10000,
"cors-allowed-methods" : "POST, PUT, DELETE, GET, HEAD",
"cors-allowed-headers" : "Access-Control-Allow-Origin, Origin, Accept,
X-Requested-With, Content-Type, Access-Control-Request-Method,
Access-Control-Request-Headers",
"resource": "app",
"public-client": true,
"principal-attribute": "preferred_username"
}
2016-12-02 11:25 GMT+01:00 Bruno Oliveira <bruno at abstractj.org>:
> Yes, take a look at the examples https://github.com/
> keycloak/keycloak/tree/master/examples/cors.
>
> On Fri, Dec 2, 2016 at 8:20 AM Zeus Arias Lucero | BEEVA <
> zeus.arias at beeva.com> wrote:
>
>> Hi,
>>
>> Is it possible to configure cors? Which are the steps?
>>
>> My config client is (json):
>>
>> {
>> "realm": "name",
>> "realm-public-key": "...",
>> "auth-server-url": "https://example:8443/auth",
>> "ssl-required": "all",
>> "resource": "name",
>> "enable-cors": true,
>> "cors-allowed-methods": "GET, HEAD, OPTIONS",
>> "cors-allowed-headers": "Origin, Accept, X-Requested-With, Content-Type,
>> Access-Control-Request-Method, Access-Control-Request-Headersl",
>> "credentials": {
>> "secret": "...."
>> },
>> "principal-attribute": "preferred_username"
>> }
>>
>>
>> And error the application is:
>>
>> XMLHttpRequest cannot load
>> https://keycloak_url:8443/auth/realms/name/protocol/open
>> …gin&state=1%2token&login=true&scope=openid.
>> No 'Access-Control-Allow-Origin' header is present on the requested
>> resource. Origin 'https://url_app' is therefore not allowed access.
>>
>> The Keycloak Response Header is:
>>
>> Cache-Control:no-store, must-revalidate, max-age=0
>> Connection:keep-alive
>> Content-Length:5257
>> Content-Security-Policy:frame-src 'self'
>> Content-Type:text/html;charset=utf-8
>> Date:Fri, 02 Dec 2016 09:37:15 GMT
>> Server:WildFly/10
>> Set-Cookie:KC_RESTART=COOKIE; Version=1; Path=/auth/realms/name; Secure;
>> HttpOnly
>> X-Content-Type-Options:nosniff
>> X-Frame-Options:SAMEORIGIN
>> X-Powered-By:Undertow/1
>>
>> Do I have to modify the file standalone.xml?
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
More information about the keycloak-user
mailing list