[keycloak-user] KeyCloak Server and HTTP OPTIONS (JSF/Primefaces behind KC Adapter)
Sebastien Blanc
sblanc at redhat.com
Thu Mar 21 12:44:37 EDT 2019
Have you put a value for the Web Origin property in the client
configuration on the KC Console ?
On Thu, Mar 21, 2019 at 12:46 PM Raul Fechete <
rfechete at grid-applications.com> wrote:
> Hello,
>
> I'm trying to build what should be a trivial setup, but I'm having trouble
> getting to work properly.
>
> I have a JSF Application running on JBoss EAP 7.2, secured by the KC Java
> Adapter. The initial login flow works perfectly fine (browser asks for
> website, adapter intercepts and redirects to KC, user logs in with KC and
> is being redirected back to the website).
>
> Now, the JSF application often uses POST requests. If the user has been
> logged out (e.g. in KC directly), clicking anywhere on the website triggers
> a POST request to the application, which is being intercepted by the KC
> Adapter and redirected (302) to KC. This would be fine, but the problem is,
> the browser then performs a HTTP *OPTIONS* call to KC instead of HTTP GET,
> and the KC just returns 204 without any further information. I also noticed
> that the KC Server *always* replies with an empty 204 to a HTTP OPTIONS
> call, even if there is nothing else in the request.
>
> Is there any way to configure the handling of the OPTIONS requests in KC?
> Alternatively, is it possible to configure the adapter to send a 303 and
> thereby force the browser to perform a GET request? Or am I doing something
> conceptually wrong?
>
> Any help would be appreciated!
> Thank you very much!
>
> Cheers, Raul
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
More information about the keycloak-user
mailing list