<div dir="ltr">Thanks for the reply Bill, I think I have the correct 'Web Origin' set as I tried to cover all for now to get it working then can restrict later, please see attached screen shot. I did remove the CORS filter from my web.xml as I was putting it there as I was trying to see if that would help. Everyones support is greatly appreciated.<div><br></div><div>Thanks!</div><div>Chris W.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Feb 22, 2015 at 2:39 PM, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I should add that you have to specify valid origins in the admin console<br>
for the application if you want to use our cors support.<br>
<span class=""><br>
On 2/22/2015 11:18 AM, Christopher Wallace wrote:<br>
</span><span class="">> I am seem to have a singifigant challenge getting CORS enabled in Tomcat<br>
> for Keyloak. I have taken the following step:<br>
><br>
</span>> *enabled CORS in keycloak.json as follows:*<br>
<span class="">> "enable-cors" : true,<br>
> "cors-max-age" : 1000,<br>
> "cors-allowed-methods": "POST, PUT, DELETE, GET"<br>
><br>
</span>> *enabled CORS in web.xml as follows:<br>
> *<filter><br>
<span class="">> <filter-name>CORS</filter-name><br>
> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class><br>
> </filter><br>
> <filter-mapping><br>
> <filter-name>CORS</filter-name><br>
> <url-pattern>/*</url-pattern><br>
> </filter-mapping><br>
</span><span class="">> *<br>
> *<br>
> *installed JARs in $CATALINA_HOME/lib:<br>
> *<br>
</span><span class="">> 27723 Feb 22 11:02 cors-filter-2.3.jar<br>
> 7847 Feb 22 11:04 java-property-utils-1.9.1.jar<br>
><br>
</span>> *recieve the following error<br>
> *GET <a href="http://localhost:8082/auth/realms/worktrac/account" target="_blank">http://localhost:8082/auth/realms/worktrac/account</a> [HTTP/1.1 403<br>
<span class="im HOEnZb">> Forbidden 11ms]<br>
><br>
> Cross-Origin Request Blocked: The Same Origin Policy disallows reading<br>
> the remote resource at<br>
> <a href="http://localhost:8082/auth/realms/worktrac/account" target="_blank">http://localhost:8082/auth/realms/worktrac/account</a>. This can be fixed by<br>
> moving the resource to the same domain or enabling CORS.<br>
><br>
</span><div class="HOEnZb"><div class="h5">> *request URL is<br>
> *<a href="http://localhost:8080/mprworktrac/userinfo.html*" target="_blank">http://localhost:8080/mprworktrac/userinfo.html*</a><br>
> *<br>
><br>
> --<br>
> Chris Wallace<br>
> <a href="mailto:cjwallac@gmail.com">cjwallac@gmail.com</a> <mailto:<a href="mailto:cjwallac@gmail.com">cjwallac@gmail.com</a>><br>
><br>
><br>
> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
><br>
<br>
--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a href="http://bill.burkecentral.com" target="_blank">http://bill.burkecentral.com</a><br>
_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature">Chris Wallace<br><a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a><br>c: 570.582.9955<br></div>
</div>