<div dir="ltr"><div>Thanks again Bill! It worked by adding the 'accounts' application to my realm; what I was doing before was adding the 'origin' to my custom application inside of admin instead of to the accounts application.<br><br></div><div>My goal was to leverage the JSON from the accounts services to give my application insight into who is authenticated. <br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Feb 22, 2015 at 4:17 PM, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Ok, so what are you trying to do?<br>
<br>
Application is on localhost:8080? And there is a JavaScript app that is trying to invoke the account application on localhost:8082? You have to go to the admin console, click on applications, and go to the account app and add <a href="http://localhost:8080" target="_blank">http://localhost:8080</a><br>
<br>
The "account" app needs to allow the appropriate CORS origin.<span class=""><br>
<br>
On 2/22/2015 3:02 PM, Christopher Wallace wrote:<br>
</span><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">
Thanks for the reply Bill, I think I have the correct 'Web Origin' set<br>
as I tried to cover all for now to get it working then can restrict<br>
later, please see attached screen shot. I did remove the CORS filter<br>
from my web.xml as I was putting it there as I was trying to see if that<br>
would help. Everyone's support is greatly appreciated.<br>
<br>
Thanks!<br>
Chris W.<br>
<br>
On Sun, Feb 22, 2015 at 2:39 PM, Bill Burke <<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a><br></span><div><div class="h5">
<mailto:<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>>> wrote:<br>
<br>
I should add that you have to specify valid origins in the admin console<br>
for the application if you want to use our cors support.<br>
<br>
On 2/22/2015 11:18 AM, Christopher Wallace wrote:<br>
> I seem to have a significant challenge getting CORS enabled in Tomcat<br>
> for Keycloak. I have taken the following steps:<br>
><br>
> *enabled CORS in keycloak.json as follows:*<br>
> "enable-cors" : true,<br>
> "cors-max-age" : 1000,<br>
> "cors-allowed-methods": "POST, PUT, DELETE, GET"<br>
><br>
> *enabled CORS in web.xml as follows:<br>
> *<filter><br>
> <filter-name>CORS</filter-name><br>
> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class><br>
> </filter><br>
> <filter-mapping><br>
> <filter-name>CORS</filter-name><br>
> <url-pattern>/*</url-pattern><br>
> </filter-mapping><br>
> *<br>
> *<br>
> *installed JARs in $CATALINA_HOME/lib:<br>
> *<br>
> 27723 Feb 22 11:02 cors-filter-2.3.jar<br>
> 7847 Feb 22 11:04 java-property-utils-1.9.1.jar<br>
><br>
> *receive the following error<br>
> *GET <a href="http://localhost:8082/auth/realms/worktrac/account" target="_blank">http://localhost:8082/auth/realms/worktrac/account</a> [HTTP/1.1 403<br>
> Forbidden 11ms]<br>
><br>
> Cross-Origin Request Blocked: The Same Origin Policy disallows reading<br>
> the remote resource at<br>
><a href="http://localhost:8082/auth/realms/worktrac/account" target="_blank">http://localhost:8082/auth/realms/worktrac/account</a>. This can be fixed by<br>
> moving the resource to the same domain or enabling CORS.<br>
><br>
> *request URL is<br>
> *<a href="http://localhost:8080/mprworktrac/userinfo.html*" target="_blank">http://localhost:8080/mprworktrac/userinfo.html*</a><br>
> *<br>
><br>
> --<br>
> Chris Wallace<br>
> <a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a> <mailto:<a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a>><br></div></div>
<mailto:<a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a> <mailto:<a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a>>><br>
><br>
><br>
> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a> <mailto:<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>><span class=""><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
><br>
<br>
--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
_______________________________________________<br>
keycloak-user mailing list<br></span>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a> <mailto:<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a>><span class=""><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
<br>
<br>
<br>
<br>
--<br>
Chris Wallace<br>
</span><a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a> <mailto:<a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a>><br>
c: <a href="tel:570.582.9955" value="+15705829955" target="_blank">570.582.9955</a><br>
</blockquote><div class="HOEnZb"><div class="h5">
<br>
-- <br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature">Chris Wallace<br><a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a><br>c: 570.582.9955<br></div>
</div>
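
The resolution of this thread, as an added example that is not part of the original messages and is not Keycloak's code: a simplified JavaScript model in which each application in a realm has its own Web Origins list and a cross-origin request is judged against the list of the application that serves the endpoint. The `realm` object, the function names and the wildcard handling are assumptions made for illustration.

```javascript
// Simplified model (assumption, not Keycloak source): CORS is decided from the
// Web Origins of the application that SERVES the endpoint, not the caller's.

// Constructed realm mirroring the thread: the custom app allows everything,
// the built-in account app has no origin registered yet.
const realm = {
  mprworktrac: { webOrigins: ['*'] },
  account: { webOrigins: [] },
};

// Reduce a value to scheme://host[:port]; null for anything that is not http(s).
function normalizeOrigin(value) {
  try {
    const u = new URL(value);
    if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
    return u.origin; // drops path and query, so a page URL compares as its origin
  } catch {
    return null;
  }
}

// Headers the target application would attach for a given Origin header.
function corsHeaders(realmConfig, targetApp, originHeader) {
  const app = realmConfig[targetApp];
  const origin = normalizeOrigin(originHeader);
  if (!app || !origin) return {};
  const exact = app.webOrigins.some((e) => normalizeOrigin(e) === origin);
  if (exact) {
    // Echo the one registered origin; only this form may carry credentials.
    return {
      'Access-Control-Allow-Origin': origin,
      'Access-Control-Allow-Credentials': 'true',
      Vary: 'Origin',
    };
  }
  // A wildcard entry is honoured without credentials.
  if (app.webOrigins.includes('*')) return { 'Access-Control-Allow-Origin': '*' };
  return {}; // no CORS headers: the browser blocks the cross-origin read
}

// Applications still open to every origin ("restrict later" candidates).
function wildcardApps(realmConfig) {
  return Object.keys(realmConfig).filter((name) =>
    realmConfig[name].webOrigins.includes('*')
  );
}
```

Registering `http://localhost:8080` on `account` changes the first result from an empty header set to an exact-origin grant, while the wildcard on `mprworktrac` has no effect on requests to the account endpoint.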