<div dir="ltr"><div>Thanks for the info.</div><div><br></div>I've tried configuring cors-exposed-headers in a JBOSS EAP 6 adapter like this:<div><br></div><div>keycloak.json:</div><div>{</div><div>...</div><div>
<p class=""> "enable-<span class="">cors</span>" : true,</p><p class=""> "<span class="">cors</span>-allowed-methods" : "POST,PUT,DELETE,GET",</p>
<p class=""> "<span class="">cors</span>-allowed-headers" : "Accept,Content-Type,If-Match,If-None-Match,Origin",</p>
<p class=""> "<span class="">cors</span>-exposed-headers" : "ETag,Location",</p><p class="">...</p><p class="">}</p><p class=""><br></p><p class="">But the adapter does not recognise this config and fails to start:</p><p class=""><span class="">10:57:15,923 ERROR [org.apache.catalina.core] (ServerService Thread Pool -- 69) JBWEB001097: Error starting context /data: java.lang.RuntimeException: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "cors-exposed-headers" (class org.keycloak.representations.adapters.config.AdapterConfig), not marked as ignorable (32 known properties: "ssl-required", "cors-allowed-headers", "register-node-period", "turn-off-change-session-id-on-login", "truststore", "always-refresh-token", "client-key-password", "policy-enforcer", "token-store", "resource", "realm", "proxy-url", "disable-trust-manager", "bearer-only", "truststore-password", "use-resource-role-mappings", "connection-pool-size", "client-keystore", "register-node-at-startup", "client-keystore-password", "auth-server-url", "cors-allowed-methods", "public-client", "expose-token", "token-minimum-time-to-live", "enable-basic-auth", "cors-max-age", "enable-cors", "allow-any-hostname", "realm-public-key", "credentials", "principal-attribute"])</span></p><p class=""><span class=""> at [Source: java.io.ByteArrayInputStream@67593e31; line: 14, column: 29] (through reference chain: org.keycloak.representations.adapters.config.AdapterConfig["cors-exposed-headers"])</span></p><p class=""><span class=""><span class=""> </span>at org.keycloak.adapters.KeycloakDeploymentBuilder.loadAdapterConfig(KeycloakDeploymentBuilder.java:137) [keycloak-adapter-core-2.0.0.Final.jar:2.0.0.Final]</span></p><p class=""><span class=""><span class=""> </span>at org.keycloak.adapters.KeycloakDeploymentBuilder.build(KeycloakDeploymentBuilder.java:126) [keycloak-adapter-core-2.0.0.Final.jar:2.0.0.Final]</span></p><p class=""><span class=""><span class=""> </span>at org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.keycloakInit(AbstractKeycloakAuthenticatorValve.java:133) [keycloak-tomcat-core-adapter-2.0.0.Final.jar:2.0.0.Final]</span></p><p class=""><span class=""><span class=""> </span>at org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorValve.lifecycleEvent(AbstractKeycloakAuthenticatorValve.java:75) [keycloak-tomcat-core-adapter-2.0.0.Final.jar:2.0.0.Final]</span></p><p class=""><span class=""><span class=""> </span>at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:115) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]</span></p><p class=""><span class=""><span class=""> </span>at org.apache.catalina.core.StandardContext.start(StandardContext.java:3775) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.as.web.deployment.WebDeploymentService.doStart(WebDeploymentService.java:163) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.as.web.deployment.WebDeploymentService.access$000(WebDeploymentService.java:61) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.as.web.deployment.WebDeploymentService$1.run(WebDeploymentService.java:96) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]</span></p><p class=""><span class=""><span class=""> </span>at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at java.util.concurrent.FutureTask.run(FutureTask.java:262) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.threads.JBossThread.run(JBossThread.java:122)</span></p><p class=""><span class="">Caused by: com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "cors-exposed-headers" (class org.keycloak.representations.adapters.config.AdapterConfig), not marked as ignorable (32 known properties: "ssl-required", "cors-allowed-headers", "register-node-period", "turn-off-change-session-id-on-login", "truststore", "always-refresh-token", "client-key-password", "policy-enforcer", "token-store", "resource", "realm", "proxy-url", "disable-trust-manager", "bearer-only", "truststore-password", "use-resource-role-mappings", "connection-pool-size", "client-keystore", "register-node-at-startup", "client-keystore-password", "auth-server-url", "cors-allowed-methods", "public-client", "expose-token", "token-minimum-time-to-live", "enable-basic-auth", "cors-max-age", "enable-cors", "allow-any-hostname", "realm-public-key", "credentials", "principal-attribute"])</span></p><p class=""><span class=""> at [Source: java.io.ByteArrayInputStream@67593e31; line: 14, column: 29] (through reference chain: org.keycloak.representations.adapters.config.AdapterConfig["cors-exposed-headers"])</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException.from(UnrecognizedPropertyException.java:51)</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.DeserializationContext.reportUnknownProperty(DeserializationContext.java:817)</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.deser.std.StdDeserializer.handleUnknownProperty(StdDeserializer.java:958)</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.handleUnknownProperty(BeanDeserializerBase.java:1324)</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.handleUnknownVanilla(BeanDeserializerBase.java:1302)</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:249)</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:136)</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:3564)</span></p><p class=""><span class=""><span class=""> </span>at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2650)</span></p><p class=""><span class=""><span class=""> </span>at org.keycloak.adapters.KeycloakDeploymentBuilder.loadAdapterConfig(KeycloakDeploymentBuilder.java:135) [keycloak-adapter-core-2.0.0.Final.jar:2.0.0.Final]</span></p><p class=""><span class=""><span class=""> </span>... 14 more</span></p><p class=""><span class=""></span><br></p><p class=""><span class="">10:57:15,973 ERROR [org.apache.catalina.core] (ServerService Thread Pool -- 69) JBWEB001103: Error detected during context /data start, will stop it</span></p><p class=""><span class="">10:57:15,985 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 69) MSC000001: Failed to start service jboss.web.deployment.default-host./data: org.jboss.msc.service.StartException in service jboss.web.deployment.default-host./data: org.jboss.msc.service.StartException in anonymous service: JBAS018040: Failed to start context</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.as.web.deployment.WebDeploymentService$1.run(WebDeploymentService.java:99)</span></p><p class=""><span class=""><span class=""> </span>at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at java.util.concurrent.FutureTask.run(FutureTask.java:262) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_80]</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.threads.JBossThread.run(JBossThread.java:122)</span></p><p class=""><span class="">Caused by: org.jboss.msc.service.StartException in anonymous service: JBAS018040: Failed to start context</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.as.web.deployment.WebDeploymentService.doStart(WebDeploymentService.java:168)</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.as.web.deployment.WebDeploymentService.access$000(WebDeploymentService.java:61)</span></p><p class=""><span class=""><span class=""> </span>at org.jboss.as.web.deployment.WebDeploymentService$1.run(WebDeploymentService.java:96)</span></p><p class=""><span class=""><span class=""> </span>... 6 more</span></p><p class=""><span class=""></span><br></p><p class=""><span class="">10:57:16,019 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) JBAS014612: Operation ("deploy") failed - address: ([("deployment" => "webims-jcom-data-1.3.1-SNAPSHOT-secure-keycloak.war")]) - failure description: {"JBAS014671: Failed services" => {"jboss.web.deployment.default-host./data" => "org.jboss.msc.service.StartException in service jboss.web.deployment.default-host./data: org.jboss.msc.service.StartException in anonymous service: JBAS018040: Failed to start context</span></p><p class="">
</p><p class=""><span class=""> Caused by: org.jboss.msc.service.StartException in anonymous service: JBAS018040: Failed to start context"}}</span></p><p class=""><br></p><p class=""><br></p></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Jul 9, 2016 at 7:38 AM, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">As far as I can tell, yes.<br>
<br>
See:<br>
<a href="https://keycloak.gitbooks.io/server-adminstration-guide/content/topics/clients/client-oidc.html" rel="noreferrer" target="_blank">https://keycloak.gitbooks.io/server-adminstration-guide/content/topics/clients/client-oidc.html</a><br>
<a href="https://github.com/keycloak/keycloak/blob/5c98b8c6ae7052b2d906156d8fc212ccd9dfd57d/services/src/main/java/org/keycloak/services/resources/Cors.java#L143" rel="noreferrer" target="_blank">https://github.com/keycloak/keycloak/blob/5c98b8c6ae7052b2d906156d8fc212ccd9dfd57d/services/src/main/java/org/keycloak/services/resources/Cors.java#L143</a><br>
<div><div class="h5"><br>
On 2016-07-08, Hubert Przybysz wrote:<br>
> Hi,<br>
><br>
> Is configuration of CORS Access-Control-Expose-Headers supported in<br>
> 2.0.0.Final adapters?<br>
><br>
> Best regards / Hubert.<br>
<br>
</div></div>> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
<br>
<br>
--<br>
<br>
abstractj<br>
PGP: 0x84DC9914<br>
</blockquote></div><br></div>