I'll handle the logging stuff if Marek hasn't gotten to it yet. Thanks
for doing all the issues reported by Marek last night.
i'll run my last tests using IE and EAP 6.3 to make sure we're good on
those platforms.
On 9/10/2014 9:28 AM, Stian Thorgersen wrote:
There's no Safari issue after all! So we're good to go.
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: "Stian Thorgersen" <stian(a)redhat.com>
> Cc: keycloak-dev(a)lists.jboss.org
> Sent: Wednesday, 10 September, 2014 3:03:12 PM
> Subject: Re: [keycloak-dev] Are we all set?
>
> I'm charging up my macbook. I'll look into it.
>
> On 9/10/2014 8:49 AM, Stian Thorgersen wrote:
>> Apparently login with keycloak.js doesn't work on Safari
>> (
https://issues.jboss.org/browse/KEYCLOAK-675). We need to fix this before
>> releasing :/
>>
>> ----- Original Message -----
>>> From: "Stian Thorgersen" <stian(a)redhat.com>
>>> To: "Bill Burke" <bburke(a)redhat.com>
>>> Cc: keycloak-dev(a)lists.jboss.org
>>> Sent: Wednesday, 10 September, 2014 2:11:34 PM
>>> Subject: Re: [keycloak-dev] Are we all set?
>>>
>>> We also need to reduce info level log output from adapters. I did this for
>>> the server for rc-2, but completely forgot about adapters. Marek is
>>> already
>>> working on this, and I guess it shouldn't take very long.
>>>
>>> ----- Original Message -----
>>>> From: "Stian Thorgersen" <stian(a)redhat.com>
>>>> To: "Bill Burke" <bburke(a)redhat.com>
>>>> Cc: keycloak-dev(a)lists.jboss.org
>>>> Sent: Wednesday, 10 September, 2014 10:37:15 AM
>>>> Subject: Re: [keycloak-dev] Are we all set?
>>>>
>>>>
>>>>
>>>> ----- Original Message -----
>>>>> From: "Bill Burke" <bburke(a)redhat.com>
>>>>> To: "Marek Posolda" <mposolda(a)redhat.com>,
"Stian Thorgersen"
>>>>> <stian(a)redhat.com>
>>>>> Cc: keycloak-dev(a)lists.jboss.org
>>>>> Sent: Wednesday, 10 September, 2014 3:09:20 AM
>>>>> Subject: Re: [keycloak-dev] Are we all set?
>>>>>
>>>>>
>>>>>
>>>>> On 9/9/2014 5:47 PM, Marek Posolda wrote:
>>>>>> Hi,
>>>>>>
>>>>>> I am sorry to not help more with the release as I needed to work
>>>>>> especially on some portal related stuff last weeks (hopefully
it's gone
>>>>>> now)...
>>>>>>
>>>>>> Found couple of things:
>>>>>> * AccountService is actually broken for me in Chrome due to
latest CSRF
>>>>>> stuff. In FF it works fine, but in Chrome I can't update
account or
>>>>>> password. For some reason Chrome is always adding
"Origin" header to
>>>>>> the
>>>>>> update requests (even if they are not ajax requests). So the
newly
>>>>>> added
>>>>>> condition for CSRF in AccountService.init will always fail. I
have
>>>>>> Chrome 37.0.2062.94 (64-bit) .
>>>>>>
>>>>>
>>>>> Ok, I thought Origin header wasn't supposed to be sent with
Browser
>>>>> requests. I can probably fix this by allowing same origin.
>>>>
>>>> Added fix to allow same origin. I also added check of 'Referer'
header to
>>>> make sure it's same origin as well.
>>>>
>>>>>
>>>>>
>>>>>> * ServerInfo request
(
http://localhost:8080/auth/admin/serverinfo) is
>>>>>> not available with CORS . I've created JIRA
>>>>>>
https://issues.jboss.org/browse/KEYCLOAK-670 and send PR
>>>>>>
https://github.com/keycloak/keycloak/pull/683 for this, which is
adding
>>>>>> authentication for ServerInfoAdminResource and then it use
allowOrigins
>>>>>> from the authenticated bearer token. Admin console is already
using
>>>>>> bearer token for sending ServerInfo requests, so no changes are
needed
>>>>>> here. I believe that ServerInfoAdminResource should be
authenticated
>>>>>> (don't know why stuff like available social providers or
themes should
>>>>>> be publicly available). Let me know if you seeing issues with it.
I did
>>>>>> not merge PR so far as version in master is already changed to
>>>>>> 1.0-Final
>>>>>> so not sure what is the state of the release .
>>>>>>
>>>>>
>>>>> Merge it.
>>>>>
>>>>>> * Realm public resource
(
http://localhost:8080/auth/realms/master) is
>>>>>> also not available for CORS requests. Not sure if this is an
issue or
>>>>>> not? Thing is that unauthenticated requests can't use CORS at
this
>>>>>> moment as I don't know what allowedOrigins to use. Only
option is to
>>>>>> allow it for all allowedOrigins (send same
>>>>>> "Access-Control-Allow-Origin"
>>>>>> as original value of "Origin" header from the request)
>>>>>>
>>>>>> * There is still quite a lot of INFO logging . For example when I
send
>>>>>> product request from the cors-demo example I have 6 new INFO
messages
>>>>>> in
>>>>>> log (Mainly from org.keycloak.adapters package)
>>>>>>
>>>>>
>>>>> Ping me on your status tomorrow (Wednesday). I'll complete
whatever you
>>>>> don't finish above.
>>>>>
>>>>> Thanks.
>>>>>
>>>>> --
>>>>> Bill Burke
>>>>> JBoss, a division of Red Hat
>>>>>
http://bill.burkecentral.com
>>>>>
>>>> _______________________________________________
>>>> keycloak-dev mailing list
>>>> keycloak-dev(a)lists.jboss.org
>>>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>>
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev(a)lists.jboss.org
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>
>
> --
> Bill Burke
> JBoss, a division of Red Hat
>
http://bill.burkecentral.com
>