<div dir="ltr">Hi Stian,<div><br></div><div>Any chance to have this included in the next release?</div><div><br></div><div>This problem is really bugging me.</div><div><br></div><div>BR / Hubert.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jul 12, 2016 at 8:32 AM, Hubert Przybysz <span dir="ltr"><<a href="mailto:h.p.przybysz@gmail.com" target="_blank">h.p.przybysz@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Ok, thanks. It was a bit unclear to me if it should have been supported.</div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jul 12, 2016 at 7:17 AM, Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I changed that issue to a feature request, since we've never supported it it's not a bug.</div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On 11 July 2016 at 20:25, Hubert Przybysz <span dir="ltr"><<a href="mailto:h.p.przybysz@gmail.com" target="_blank">h.p.przybysz@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>I have created <a href="https://issues.jboss.org/browse/KEYCLOAK-3297" target="_blank">KEYCLOAK-3297</a> .</div></div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jul 11, 2016 at 7:29 PM, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Please, go ahead and create one. I couldn't find any Jira related to this.</div><div><div><br><div class="gmail_quote"><div dir="ltr">On Mon, Jul 11, 2016 at 1:36 PM Hubert Przybysz <<a href="mailto:h.p.przybysz@gmail.com" target="_blank">h.p.przybysz@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Does anyone know when it will be possible to configure the adapters with CORS expose headers? <div><br></div><div>I don't find any jira for it.<div><br></div><div>Br / Hubert.</div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jul 11, 2016 at 6:13 PM, Bruno Oliveira <span dir="ltr"><<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">You are right Hubert it's not supported at keycloak.json file, I just overlooked the code.<br>
Sorry about that.<br>
<div><div><br>
On 2016-07-11, Hubert Przybysz wrote:<br>
> Thanks for the info.<br>
><br>
> I've tried configuring cors-exposed-headers in a JBOSS EAP 6 adapter like<br>
> this:<br>
><br>
> keycloak.json:<br>
> {<br>
> ...<br>
><br>
> "enable-cors" : true,<br>
><br>
> "cors-allowed-methods" : "POST,PUT,DELETE,GET",<br>
><br>
> "cors-allowed-headers" :<br>
> "Accept,Content-Type,If-Match,<wbr>If-None-Match,Origin",<br>
><br>
> "cors-exposed-headers" : "ETag,Location",<br>
><br>
> ...<br>
><br>
> }<br>
><br>
><br>
> But the adapter does not recognise this config and fails to start:<br>
><br>
> 10:57:15,923 ERROR [org.apache.catalina.core] (ServerService Thread Pool --<br>
> 69) JBWEB001097: Error starting context /data: java.lang.RuntimeException:<br>
> com.fasterxml.jackson.<wbr>databind.exc.<wbr>UnrecognizedPropertyException:<br>
> Unrecognized field "cors-exposed-headers" (class<br>
> org.keycloak.representations.<wbr>adapters.config.AdapterConfig)<wbr>, not marked as<br>
> ignorable (32 known properties: "ssl-required", "cors-allowed-headers",<br>
> "register-node-period", "turn-off-change-session-id-<wbr>on-login",<br>
> "truststore", "always-refresh-token", "client-key-password",<br>
> "policy-enforcer", "token-store", "resource", "realm", "proxy-url",<br>
> "disable-trust-manager", "bearer-only", "truststore-password",<br>
> "use-resource-role-mappings", "connection-pool-size", "client-keystore",<br>
> "register-node-at-startup", "client-keystore-password", "auth-server-url",<br>
> "cors-allowed-methods", "public-client", "expose-token",<br>
> "token-minimum-time-to-live", "enable-basic-auth", "cors-max-age",<br>
> "enable-cors", "allow-any-hostname", "realm-public-key", "credentials",<br>
> "principal-attribute"])<br>
><br>
> at [Source: java.io.ByteArrayInputStream@<wbr>67593e31; line: 14, column: 29]<br>
> (through reference chain:<br>
> org.keycloak.representations.<wbr>adapters.config.AdapterConfig[<wbr>"cors-exposed-headers"])<br>
><br>
> at<br>
> org.keycloak.adapters.<wbr>KeycloakDeploymentBuilder.<wbr>loadAdapterConfig(<wbr>KeycloakDeploymentBuilder.<wbr>java:137)<br>
> [keycloak-adapter-core-2.0.0.<wbr>Final.jar:2.0.0.Final]<br>
><br>
> at<br>
> org.keycloak.adapters.<wbr>KeycloakDeploymentBuilder.<wbr>build(<wbr>KeycloakDeploymentBuilder.<wbr>java:126)<br>
> [keycloak-adapter-core-2.0.0.<wbr>Final.jar:2.0.0.Final]<br>
><br>
> at<br>
> org.keycloak.adapters.tomcat.<wbr>AbstractKeycloakAuthenticatorV<wbr>alve.keycloakInit(<wbr>AbstractKeycloakAuthenticatorV<wbr>alve.java:133)<br>
> [keycloak-tomcat-core-adapter-<wbr>2.0.0.Final.jar:2.0.0.Final]<br>
><br>
> at<br>
> org.keycloak.adapters.tomcat.<wbr>AbstractKeycloakAuthenticatorV<wbr>alve.lifecycleEvent(<wbr>AbstractKeycloakAuthenticatorV<wbr>alve.java:75)<br>
> [keycloak-tomcat-core-adapter-<wbr>2.0.0.Final.jar:2.0.0.Final]<br>
><br>
> at<br>
> org.apache.catalina.util.<wbr>LifecycleSupport.<wbr>fireLifecycleEvent(<wbr>LifecycleSupport.java:115)<br>
> [jbossweb-7.5.7.Final-redhat-<wbr>1.jar:7.5.7.Final-redhat-1]<br>
><br>
> at<br>
> org.apache.catalina.core.<wbr>StandardContext.start(<wbr>StandardContext.java:3775)<br>
> [jbossweb-7.5.7.Final-redhat-<wbr>1.jar:7.5.7.Final-redhat-1]<br>
><br>
> at<br>
> org.jboss.as.web.deployment.<wbr>WebDeploymentService.doStart(<wbr>WebDeploymentService.java:163)<br>
> [jboss-as-web-7.5.0.Final-<wbr>redhat-21.jar:7.5.0.Final-<wbr>redhat-21]<br>
><br>
> at<br>
> org.jboss.as.web.deployment.<wbr>WebDeploymentService.access$<wbr>000(WebDeploymentService.java:<wbr>61)<br>
> [jboss-as-web-7.5.0.Final-<wbr>redhat-21.jar:7.5.0.Final-<wbr>redhat-21]<br>
><br>
> at<br>
> org.jboss.as.web.deployment.<wbr>WebDeploymentService$1.run(<wbr>WebDeploymentService.java:96)<br>
> [jboss-as-web-7.5.0.Final-<wbr>redhat-21.jar:7.5.0.Final-<wbr>redhat-21]<br>
><br>
> at java.util.concurrent.<wbr>Executors$RunnableAdapter.<wbr>call(Executors.java:471)<br>
> [rt.jar:1.7.0_80]<br>
><br>
> at java.util.concurrent.<wbr>FutureTask.run(FutureTask.<wbr>java:262)<br>
> [rt.jar:1.7.0_80]<br>
><br>
> at<br>
> java.util.concurrent.<wbr>ThreadPoolExecutor.runWorker(<wbr>ThreadPoolExecutor.java:1145)<br>
> [rt.jar:1.7.0_80]<br>
><br>
> at<br>
> java.util.concurrent.<wbr>ThreadPoolExecutor$Worker.run(<wbr>ThreadPoolExecutor.java:615)<br>
> [rt.jar:1.7.0_80]<br>
><br>
> at java.lang.Thread.run(Thread.<wbr>java:745) [rt.jar:1.7.0_80]<br>
><br>
> at org.jboss.threads.JBossThread.<wbr>run(JBossThread.java:122)<br>
><br>
> Caused by:<br>
> com.fasterxml.jackson.<wbr>databind.exc.<wbr>UnrecognizedPropertyException:<br>
> Unrecognized field "cors-exposed-headers" (class<br>
> org.keycloak.representations.<wbr>adapters.config.AdapterConfig)<wbr>, not marked as<br>
> ignorable (32 known properties: "ssl-required", "cors-allowed-headers",<br>
> "register-node-period", "turn-off-change-session-id-<wbr>on-login",<br>
> "truststore", "always-refresh-token", "client-key-password",<br>
> "policy-enforcer", "token-store", "resource", "realm", "proxy-url",<br>
> "disable-trust-manager", "bearer-only", "truststore-password",<br>
> "use-resource-role-mappings", "connection-pool-size", "client-keystore",<br>
> "register-node-at-startup", "client-keystore-password", "auth-server-url",<br>
> "cors-allowed-methods", "public-client", "expose-token",<br>
> "token-minimum-time-to-live", "enable-basic-auth", "cors-max-age",<br>
> "enable-cors", "allow-any-hostname", "realm-public-key", "credentials",<br>
> "principal-attribute"])<br>
><br>
> at [Source: java.io.ByteArrayInputStream@<wbr>67593e31; line: 14, column: 29]<br>
> (through reference chain:<br>
> org.keycloak.representations.<wbr>adapters.config.AdapterConfig[<wbr>"cors-exposed-headers"])<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.exc.<wbr>UnrecognizedPropertyException.<wbr>from(<wbr>UnrecognizedPropertyException.<wbr>java:51)<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.<wbr>DeserializationContext.<wbr>reportUnknownProperty(<wbr>DeserializationContext.java:<wbr>817)<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.deser.std.<wbr>StdDeserializer.<wbr>handleUnknownProperty(<wbr>StdDeserializer.java:958)<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.deser.<wbr>BeanDeserializerBase.<wbr>handleUnknownProperty(<wbr>BeanDeserializerBase.java:<wbr>1324)<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.deser.<wbr>BeanDeserializerBase.<wbr>handleUnknownVanilla(<wbr>BeanDeserializerBase.java:<wbr>1302)<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.deser.<wbr>BeanDeserializer.<wbr>vanillaDeserialize(<wbr>BeanDeserializer.java:249)<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.deser.<wbr>BeanDeserializer.deserialize(<wbr>BeanDeserializer.java:136)<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.ObjectMapper._<wbr>readMapAndClose(ObjectMapper.<wbr>java:3564)<br>
><br>
> at<br>
> com.fasterxml.jackson.<wbr>databind.ObjectMapper.<wbr>readValue(ObjectMapper.java:<wbr>2650)<br>
><br>
> at<br>
> org.keycloak.adapters.<wbr>KeycloakDeploymentBuilder.<wbr>loadAdapterConfig(<wbr>KeycloakDeploymentBuilder.<wbr>java:135)<br>
> [keycloak-adapter-core-2.0.0.<wbr>Final.jar:2.0.0.Final]<br>
><br>
> ... 14 more<br>
><br>
><br>
> 10:57:15,973 ERROR [org.apache.catalina.core] (ServerService Thread Pool --<br>
> 69) JBWEB001103: Error detected during context /data start, will stop it<br>
><br>
> 10:57:15,985 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool<br>
> -- 69) MSC000001: Failed to start service<br>
> jboss.web.deployment.default-<wbr>host./data:<br>
> org.jboss.msc.service.<wbr>StartException in service<br>
> jboss.web.deployment.default-<wbr>host./data:<br>
> org.jboss.msc.service.<wbr>StartException in anonymous service: JBAS018040:<br>
> Failed to start context<br>
><br>
> at<br>
> org.jboss.as.web.deployment.<wbr>WebDeploymentService$1.run(<wbr>WebDeploymentService.java:99)<br>
><br>
> at java.util.concurrent.<wbr>Executors$RunnableAdapter.<wbr>call(Executors.java:471)<br>
> [rt.jar:1.7.0_80]<br>
><br>
> at java.util.concurrent.<wbr>FutureTask.run(FutureTask.<wbr>java:262)<br>
> [rt.jar:1.7.0_80]<br>
><br>
> at<br>
> java.util.concurrent.<wbr>ThreadPoolExecutor.runWorker(<wbr>ThreadPoolExecutor.java:1145)<br>
> [rt.jar:1.7.0_80]<br>
><br>
> at<br>
> java.util.concurrent.<wbr>ThreadPoolExecutor$Worker.run(<wbr>ThreadPoolExecutor.java:615)<br>
> [rt.jar:1.7.0_80]<br>
><br>
> at java.lang.Thread.run(Thread.<wbr>java:745) [rt.jar:1.7.0_80]<br>
><br>
> at org.jboss.threads.JBossThread.<wbr>run(JBossThread.java:122)<br>
><br>
> Caused by: org.jboss.msc.service.<wbr>StartException in anonymous service:<br>
> JBAS018040: Failed to start context<br>
><br>
> at<br>
> org.jboss.as.web.deployment.<wbr>WebDeploymentService.doStart(<wbr>WebDeploymentService.java:168)<br>
><br>
> at<br>
> org.jboss.as.web.deployment.<wbr>WebDeploymentService.access$<wbr>000(WebDeploymentService.java:<wbr>61)<br>
><br>
> at<br>
> org.jboss.as.web.deployment.<wbr>WebDeploymentService$1.run(<wbr>WebDeploymentService.java:96)<br>
><br>
> ... 6 more<br>
><br>
><br>
> 10:57:16,019 ERROR [org.jboss.as.controller.<wbr>management-operation]<br>
> (Controller Boot Thread) JBAS014612: Operation ("deploy") failed - address:<br>
> ([("deployment" => "webims-jcom-data-1.3.1-<wbr>SNAPSHOT-secure-keycloak.war")<wbr>])<br>
> - failure description: {"JBAS014671: Failed services" =><br>
> {"jboss.web.deployment.<wbr>default-host./data" =><br>
> "org.jboss.msc.service.<wbr>StartException in service<br>
> jboss.web.deployment.default-<wbr>host./data:<br>
> org.jboss.msc.service.<wbr>StartException in anonymous service: JBAS018040:<br>
> Failed to start context<br>
><br>
> Caused by: org.jboss.msc.service.<wbr>StartException in anonymous service:<br>
> JBAS018040: Failed to start context"}}<br>
><br>
><br>
><br>
><br>
><br>
><br>
> On Sat, Jul 9, 2016 at 7:38 AM, Bruno Oliveira <<a href="mailto:bruno@abstractj.org" target="_blank">bruno@abstractj.org</a>> wrote:<br>
><br>
> > As far as I can tell, yes.<br>
> ><br>
> > See:<br>
> ><br>
> > <a href="https://keycloak.gitbooks.io/server-adminstration-guide/content/topics/clients/client-oidc.html" rel="noreferrer" target="_blank">https://keycloak.gitbooks.io/<wbr>server-adminstration-guide/<wbr>content/topics/clients/client-<wbr>oidc.html</a><br>
> ><br>
> > <a href="https://github.com/keycloak/keycloak/blob/5c98b8c6ae7052b2d906156d8fc212ccd9dfd57d/services/src/main/java/org/keycloak/services/resources/Cors.java#L143" rel="noreferrer" target="_blank">https://github.com/keycloak/<wbr>keycloak/blob/<wbr>5c98b8c6ae7052b2d906156d8fc212<wbr>ccd9dfd57d/services/src/main/<wbr>java/org/keycloak/services/<wbr>resources/Cors.java#L143</a><br>
> ><br>
> > On 2016-07-08, Hubert Przybysz wrote:<br>
> > > Hi,<br>
> > ><br>
> > > Is configuration of CORS Access-Control-Expose-Headers supported in<br>
> > > 2.0.0.Final adapters?<br>
> > ><br>
> > > Best regards / Hubert.<br>
> ><br>
> > > ______________________________<wbr>_________________<br>
> > > keycloak-user mailing list<br>
> > > <a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
> > > <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-user</a><br>
> ><br>
> ><br>
> > --<br>
> ><br>
> > abstractj<br>
> > PGP: 0x84DC9914<br>
> ><br>
<br>
</div></div>--<br>
<br>
abstractj<br>
PGP: 0x84DC9914<br>
</blockquote></div><br></div>
</blockquote></div>
</div></div></blockquote></div><br></div>
</div></div><br>______________________________<wbr>_________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org" target="_blank">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div>
</div></div></blockquote></div><br></div>
</div></div></blockquote></div><br></div>