<div dir="ltr"><div><div><div>I am seem to have a singifigant challenge getting CORS enabled in Tomcat for Keyloak. I have taken the following step:<br><br></div><b>enabled CORS in keycloak.json as follows:</b><br> "enable-cors" : true,<br> "cors-max-age" : 1000,<br> "cors-allowed-methods": "POST, PUT, DELETE, GET"<br><br></div><b>enabled CORS in web.xml as follows:<br></b><filter><br> <filter-name>CORS</filter-name><br> <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class><br></filter><br><filter-mapping><br> <filter-name>CORS</filter-name><br> <url-pattern>/*</url-pattern><br></filter-mapping><br><b><br></b></div><b>installed JARs in $CATALINA_HOME/lib: <br clear="all"></b><div><div><div><div><div>27723 Feb 22 11:02 cors-filter-2.3.jar<br>7847 Feb 22 11:04 java-property-utils-1.9.1.jar<br><br></div><div><b>recieve the following error <br></b>GET <a href="http://localhost:8082/auth/realms/worktrac/account">http://localhost:8082/auth/realms/worktrac/account</a> [HTTP/1.1 403 Forbidden 11ms]<br><br>Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at <a href="http://localhost:8082/auth/realms/worktrac/account">http://localhost:8082/auth/realms/worktrac/account</a>. This can be fixed by moving the resource to the same domain or enabling CORS.<br><br></div><div><b>request URL is<br></b><a href="http://localhost:8080/mprworktrac/userinfo.html">http://localhost:8080/mprworktrac/userinfo.html</a><b><br></b></div><div><br>-- <br><div class="gmail_signature">Chris Wallace<br><a href="mailto:cjwallac@gmail.com" target="_blank">cjwallac@gmail.com</a><br></div>
</div></div></div></div></div></div>