There's no Safari issue after all! So we're good to go.
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: "Stian Thorgersen" <stian(a)redhat.com>
Cc: keycloak-dev(a)lists.jboss.org
Sent: Wednesday, 10 September, 2014 3:03:12 PM
Subject: Re: [keycloak-dev] Are we all set?
I'm charging up my macbook. I'll look into it.
On 9/10/2014 8:49 AM, Stian Thorgersen wrote:
> Apparently login with keycloak.js doesn't work on Safari
> (
https://issues.jboss.org/browse/KEYCLOAK-675). We need to fix this before
> releasing :/
>
> ----- Original Message -----
>> From: "Stian Thorgersen" <stian(a)redhat.com>
>> To: "Bill Burke" <bburke(a)redhat.com>
>> Cc: keycloak-dev(a)lists.jboss.org
>> Sent: Wednesday, 10 September, 2014 2:11:34 PM
>> Subject: Re: [keycloak-dev] Are we all set?
>>
>> We also need to reduce info level log output from adapters. I did this for
>> the server for rc-2, but completely forgot about adapters. Marek is
>> already
>> working on this, and I guess it shouldn't take very long.
>>
>> ----- Original Message -----
>>> From: "Stian Thorgersen" <stian(a)redhat.com>
>>> To: "Bill Burke" <bburke(a)redhat.com>
>>> Cc: keycloak-dev(a)lists.jboss.org
>>> Sent: Wednesday, 10 September, 2014 10:37:15 AM
>>> Subject: Re: [keycloak-dev] Are we all set?
>>>
>>>
>>>
>>> ----- Original Message -----
>>>> From: "Bill Burke" <bburke(a)redhat.com>
>>>> To: "Marek Posolda" <mposolda(a)redhat.com>, "Stian
Thorgersen"
>>>> <stian(a)redhat.com>
>>>> Cc: keycloak-dev(a)lists.jboss.org
>>>> Sent: Wednesday, 10 September, 2014 3:09:20 AM
>>>> Subject: Re: [keycloak-dev] Are we all set?
>>>>
>>>>
>>>>
>>>> On 9/9/2014 5:47 PM, Marek Posolda wrote:
>>>>> Hi,
>>>>>
>>>>> I am sorry to not help more with the release as I needed to work
>>>>> especially on some portal related stuff last weeks (hopefully
it's gone
>>>>> now)...
>>>>>
>>>>> Found couple of things:
>>>>> * AccountService is actually broken for me in Chrome due to latest
CSRF
>>>>> stuff. In FF it works fine, but in Chrome I can't update account
or
>>>>> password. For some reason Chrome is always adding "Origin"
header to
>>>>> the
>>>>> update requests (even if they are not ajax requests). So the newly
>>>>> added
>>>>> condition for CSRF in AccountService.init will always fail. I have
>>>>> Chrome 37.0.2062.94 (64-bit) .
>>>>>
>>>>
>>>> Ok, I thought Origin header wasn't supposed to be sent with Browser
>>>> requests. I can probably fix this by allowing same origin.
>>>
>>> Added fix to allow same origin. I also added check of 'Referer'
header to
>>> make sure it's same origin as well.
>>>
>>>>
>>>>
>>>>> * ServerInfo request (
http://localhost:8080/auth/admin/serverinfo)
is
>>>>> not available with CORS . I've created JIRA
>>>>>
https://issues.jboss.org/browse/KEYCLOAK-670 and send PR
>>>>>
https://github.com/keycloak/keycloak/pull/683 for this, which is
adding
>>>>> authentication for ServerInfoAdminResource and then it use
allowOrigins
>>>>> from the authenticated bearer token. Admin console is already using
>>>>> bearer token for sending ServerInfo requests, so no changes are
needed
>>>>> here. I believe that ServerInfoAdminResource should be
authenticated
>>>>> (don't know why stuff like available social providers or themes
should
>>>>> be publicly available). Let me know if you seeing issues with it. I
did
>>>>> not merge PR so far as version in master is already changed to
>>>>> 1.0-Final
>>>>> so not sure what is the state of the release .
>>>>>
>>>>
>>>> Merge it.
>>>>
>>>>> * Realm public resource (
http://localhost:8080/auth/realms/master)
is
>>>>> also not available for CORS requests. Not sure if this is an issue
or
>>>>> not? Thing is that unauthenticated requests can't use CORS at
this
>>>>> moment as I don't know what allowedOrigins to use. Only option
is to
>>>>> allow it for all allowedOrigins (send same
>>>>> "Access-Control-Allow-Origin"
>>>>> as original value of "Origin" header from the request)
>>>>>
>>>>> * There is still quite a lot of INFO logging . For example when I
send
>>>>> product request from the cors-demo example I have 6 new INFO
messages
>>>>> in
>>>>> log (Mainly from org.keycloak.adapters package)
>>>>>
>>>>
>>>> Ping me on your status tomorrow (Wednesday). I'll complete whatever
you
>>>> don't finish above.
>>>>
>>>> Thanks.
>>>>
>>>> --
>>>> Bill Burke
>>>> JBoss, a division of Red Hat
>>>>
http://bill.burkecentral.com
>>>>
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev(a)lists.jboss.org
>>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com