Re: [keycloak-user] Support for CORS Access-Control-Expose-Headers in 2.0.0.Final

Thursday, 15 September 2016

Hi Stian,

Any chance to have this included in the next release?

This problem is really bugging me.

BR / Hubert.

On Tue, Jul 12, 2016 at 8:32 AM, Hubert Przybysz <h.p.przybysz(a)gmail.com&gt;
wrote:

...
 Ok, thanks. It was a bit unclear to me if it should have been
supported.

 On Tue, Jul 12, 2016 at 7:17 AM, Stian Thorgersen <sthorger(a)redhat.com&gt;
 wrote:

> I changed that issue to a feature request, since we've never supported it
> it's not a bug.
>
> On 11 July 2016 at 20:25, Hubert Przybysz <h.p.przybysz(a)gmail.com&gt; wrote:
>
>> I have created KEYCLOAK-3297
>> <https://issues.jboss.org/browse/KEYCLOAK-3297> .
>>
>> On Mon, Jul 11, 2016 at 7:29 PM, Bruno Oliveira <bruno(a)abstractj.org&gt;
>> wrote:
>>
>>> Please, go ahead and create one. I couldn't find any Jira related to
>>> this.
>>>
>>> On Mon, Jul 11, 2016 at 1:36 PM Hubert Przybysz
<h.p.przybysz(a)gmail.com&gt;
>>> wrote:
>>>
>>>> Does anyone know when it will be possible to configure the adapters
>>>> with CORS expose headers?
>>>>
>>>> I don't find any jira for it.
>>>>
>>>> Br / Hubert.
>>>>
>>>> On Mon, Jul 11, 2016 at 6:13 PM, Bruno Oliveira
<bruno(a)abstractj.org&gt;
>>>> wrote:
>>>>
>>>>> You are right Hubert it's not supported at keycloak.json file, I
just
>>>>> overlooked the code.
>>>>> Sorry about that.
>>>>>
>>>>> On 2016-07-11, Hubert Przybysz wrote:
>>>>> > Thanks for the info.
>>>>> >
>>>>> > I've tried configuring cors-exposed-headers in a JBOSS EAP
6
>>>>> adapter like
>>>>> > this:
>>>>> >
>>>>> > keycloak.json:
>>>>> > {
>>>>> > ...
>>>>> >
>>>>> >   "enable-cors" : true,
>>>>> >
>>>>> >   "cors-allowed-methods" :
"POST,PUT,DELETE,GET",
>>>>> >
>>>>> >   "cors-allowed-headers" :
>>>>> > "Accept,Content-Type,If-Match,If-None-Match,Origin",
>>>>> >
>>>>> >   "cors-exposed-headers" : "ETag,Location",
>>>>> >
>>>>> > ...
>>>>> >
>>>>> > }
>>>>> >
>>>>> >
>>>>> > But the adapter does not recognise this config and fails to
start:
>>>>> >
>>>>> > 10:57:15,923 ERROR [org.apache.catalina.core] (ServerService
Thread
>>>>> Pool --
>>>>> > 69) JBWEB001097: Error starting context /data:
>>>>> java.lang.RuntimeException:
>>>>> >
com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException:
>>>>> > Unrecognized field "cors-exposed-headers" (class
>>>>> > org.keycloak.representations.adapters.config.AdapterConfig),
not
>>>>> marked as
>>>>> > ignorable (32 known properties: "ssl-required",
>>>>> "cors-allowed-headers",
>>>>> > "register-node-period",
"turn-off-change-session-id-on-login",
>>>>> > "truststore", "always-refresh-token",
"client-key-password",
>>>>> > "policy-enforcer", "token-store",
"resource", "realm", "proxy-url",
>>>>> > "disable-trust-manager", "bearer-only",
"truststore-password",
>>>>> > "use-resource-role-mappings",
"connection-pool-size",
>>>>> "client-keystore",
>>>>> > "register-node-at-startup",
"client-keystore-password",
>>>>> "auth-server-url",
>>>>> > "cors-allowed-methods", "public-client",
"expose-token",
>>>>> > "token-minimum-time-to-live",
"enable-basic-auth", "cors-max-age",
>>>>> > "enable-cors", "allow-any-hostname",
"realm-public-key",
>>>>> "credentials",
>>>>> > "principal-attribute"])
>>>>> >
>>>>> >  at [Source: java.io.ByteArrayInputStream@67593e31; line: 14,
>>>>> column: 29]
>>>>> > (through reference chain:
>>>>> > org.keycloak.representations.adapters.config.AdapterConfig[
>>>>> "cors-exposed-headers"])
>>>>> >
>>>>> > at
>>>>> >
org.keycloak.adapters.KeycloakDeploymentBuilder.loadAdapterConfig(
>>>>> KeycloakDeploymentBuilder.java:137)
>>>>> > [keycloak-adapter-core-2.0.0.Final.jar:2.0.0.Final]
>>>>> >
>>>>> > at
>>>>> > org.keycloak.adapters.KeycloakDeploymentBuilder.build(
>>>>> KeycloakDeploymentBuilder.java:126)
>>>>> > [keycloak-adapter-core-2.0.0.Final.jar:2.0.0.Final]
>>>>> >
>>>>> > at
>>>>> > org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorV
>>>>> alve.keycloakInit(AbstractKeycloakAuthenticatorValve.java:133)
>>>>> > [keycloak-tomcat-core-adapter-2.0.0.Final.jar:2.0.0.Final]
>>>>> >
>>>>> > at
>>>>> > org.keycloak.adapters.tomcat.AbstractKeycloakAuthenticatorV
>>>>> alve.lifecycleEvent(AbstractKeycloakAuthenticatorValve.java:75)
>>>>> > [keycloak-tomcat-core-adapter-2.0.0.Final.jar:2.0.0.Final]
>>>>> >
>>>>> > at
>>>>> > org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(
>>>>> LifecycleSupport.java:115)
>>>>> > [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>>>>> >
>>>>> > at
>>>>> > org.apache.catalina.core.StandardContext.start(
>>>>> StandardContext.java:3775)
>>>>> > [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
>>>>> >
>>>>> > at
>>>>> > org.jboss.as.web.deployment.WebDeploymentService.doStart(
>>>>> WebDeploymentService.java:163)
>>>>> > [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
>>>>> >
>>>>> > at
>>>>> > org.jboss.as.web.deployment.WebDeploymentService.access$
>>>>> 000(WebDeploymentService.java:61)
>>>>> > [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
>>>>> >
>>>>> > at
>>>>> > org.jboss.as.web.deployment.WebDeploymentService$1.run(
>>>>> WebDeploymentService.java:96)
>>>>> > [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
>>>>> >
>>>>> > at java.util.concurrent.Executors$RunnableAdapter.
>>>>> call(Executors.java:471)
>>>>> > [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>>>>> > [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at
>>>>> > java.util.concurrent.ThreadPoolExecutor.runWorker(
>>>>> ThreadPoolExecutor.java:1145)
>>>>> > [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at
>>>>> > java.util.concurrent.ThreadPoolExecutor$Worker.run(
>>>>> ThreadPoolExecutor.java:615)
>>>>> > [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at org.jboss.threads.JBossThread.run(JBossThread.java:122)
>>>>> >
>>>>> > Caused by:
>>>>> >
com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException:
>>>>> > Unrecognized field "cors-exposed-headers" (class
>>>>> > org.keycloak.representations.adapters.config.AdapterConfig),
not
>>>>> marked as
>>>>> > ignorable (32 known properties: "ssl-required",
>>>>> "cors-allowed-headers",
>>>>> > "register-node-period",
"turn-off-change-session-id-on-login",
>>>>> > "truststore", "always-refresh-token",
"client-key-password",
>>>>> > "policy-enforcer", "token-store",
"resource", "realm", "proxy-url",
>>>>> > "disable-trust-manager", "bearer-only",
"truststore-password",
>>>>> > "use-resource-role-mappings",
"connection-pool-size",
>>>>> "client-keystore",
>>>>> > "register-node-at-startup",
"client-keystore-password",
>>>>> "auth-server-url",
>>>>> > "cors-allowed-methods", "public-client",
"expose-token",
>>>>> > "token-minimum-time-to-live",
"enable-basic-auth", "cors-max-age",
>>>>> > "enable-cors", "allow-any-hostname",
"realm-public-key",
>>>>> "credentials",
>>>>> > "principal-attribute"])
>>>>> >
>>>>> >  at [Source: java.io.ByteArrayInputStream@67593e31; line: 14,
>>>>> column: 29]
>>>>> > (through reference chain:
>>>>> > org.keycloak.representations.adapters.config.AdapterConfig[
>>>>> "cors-exposed-headers"])
>>>>> >
>>>>> > at
>>>>> >
com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException.
>>>>> from(UnrecognizedPropertyException.java:51)
>>>>> >
>>>>> > at
>>>>> > com.fasterxml.jackson.databind.DeserializationContext.
>>>>> reportUnknownProperty(DeserializationContext.java:817)
>>>>> >
>>>>> > at
>>>>> > com.fasterxml.jackson.databind.deser.std.StdDeserializer.
>>>>> handleUnknownProperty(StdDeserializer.java:958)
>>>>> >
>>>>> > at
>>>>> > com.fasterxml.jackson.databind.deser.BeanDeserializerBase.
>>>>> handleUnknownProperty(BeanDeserializerBase.java:1324)
>>>>> >
>>>>> > at
>>>>> > com.fasterxml.jackson.databind.deser.BeanDeserializerBase.
>>>>> handleUnknownVanilla(BeanDeserializerBase.java:1302)
>>>>> >
>>>>> > at
>>>>> > com.fasterxml.jackson.databind.deser.BeanDeserializer.
>>>>> vanillaDeserialize(BeanDeserializer.java:249)
>>>>> >
>>>>> > at
>>>>> >
com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(
>>>>> BeanDeserializer.java:136)
>>>>> >
>>>>> > at
>>>>> > com.fasterxml.jackson.databind.ObjectMapper._
>>>>> readMapAndClose(ObjectMapper.java:3564)
>>>>> >
>>>>> > at
>>>>> > com.fasterxml.jackson.databind.ObjectMapper.
>>>>> readValue(ObjectMapper.java:2650)
>>>>> >
>>>>> > at
>>>>> >
org.keycloak.adapters.KeycloakDeploymentBuilder.loadAdapterConfig(
>>>>> KeycloakDeploymentBuilder.java:135)
>>>>> > [keycloak-adapter-core-2.0.0.Final.jar:2.0.0.Final]
>>>>> >
>>>>> > ... 14 more
>>>>> >
>>>>> >
>>>>> > 10:57:15,973 ERROR [org.apache.catalina.core] (ServerService
Thread
>>>>> Pool --
>>>>> > 69) JBWEB001103: Error detected during context /data start,
will
>>>>> stop it
>>>>> >
>>>>> > 10:57:15,985 ERROR [org.jboss.msc.service.fail] (ServerService
>>>>> Thread Pool
>>>>> > -- 69) MSC000001: Failed to start service
>>>>> > jboss.web.deployment.default-host./data:
>>>>> > org.jboss.msc.service.StartException in service
>>>>> > jboss.web.deployment.default-host./data:
>>>>> > org.jboss.msc.service.StartException in anonymous service:
>>>>> JBAS018040:
>>>>> > Failed to start context
>>>>> >
>>>>> > at
>>>>> > org.jboss.as.web.deployment.WebDeploymentService$1.run(
>>>>> WebDeploymentService.java:99)
>>>>> >
>>>>> > at java.util.concurrent.Executors$RunnableAdapter.
>>>>> call(Executors.java:471)
>>>>> > [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>>>>> > [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at
>>>>> > java.util.concurrent.ThreadPoolExecutor.runWorker(
>>>>> ThreadPoolExecutor.java:1145)
>>>>> > [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at
>>>>> > java.util.concurrent.ThreadPoolExecutor$Worker.run(
>>>>> ThreadPoolExecutor.java:615)
>>>>> > [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_80]
>>>>> >
>>>>> > at org.jboss.threads.JBossThread.run(JBossThread.java:122)
>>>>> >
>>>>> > Caused by: org.jboss.msc.service.StartException in anonymous
>>>>> service:
>>>>> > JBAS018040: Failed to start context
>>>>> >
>>>>> > at
>>>>> > org.jboss.as.web.deployment.WebDeploymentService.doStart(
>>>>> WebDeploymentService.java:168)
>>>>> >
>>>>> > at
>>>>> > org.jboss.as.web.deployment.WebDeploymentService.access$
>>>>> 000(WebDeploymentService.java:61)
>>>>> >
>>>>> > at
>>>>> > org.jboss.as.web.deployment.WebDeploymentService$1.run(
>>>>> WebDeploymentService.java:96)
>>>>> >
>>>>> > ... 6 more
>>>>> >
>>>>> >
>>>>> > 10:57:16,019 ERROR
[org.jboss.as.controller.management-operation]
>>>>> > (Controller Boot Thread) JBAS014612: Operation
("deploy") failed -
>>>>> address:
>>>>> > ([("deployment" => "webims-jcom-data-1.3.1-
>>>>> SNAPSHOT-secure-keycloak.war")])
>>>>> > - failure description: {"JBAS014671: Failed services"
=>
>>>>> > {"jboss.web.deployment.default-host./data" =>
>>>>> > "org.jboss.msc.service.StartException in service
>>>>> > jboss.web.deployment.default-host./data:
>>>>> > org.jboss.msc.service.StartException in anonymous service:
>>>>> JBAS018040:
>>>>> > Failed to start context
>>>>> >
>>>>> >     Caused by: org.jboss.msc.service.StartException in
anonymous
>>>>> service:
>>>>> > JBAS018040: Failed to start context"}}
>>>>> >
>>>>> >
>>>>> >
>>>>> >
>>>>> >
>>>>> >
>>>>> > On Sat, Jul 9, 2016 at 7:38 AM, Bruno Oliveira
<bruno(a)abstractj.org&gt;
>>>>> wrote:
>>>>> >
>>>>> > > As far as I can tell, yes.
>>>>> > >
>>>>> > > See:
>>>>> > >
>>>>> > > https://keycloak.gitbooks.io/server-adminstration-guide/
>>>>> content/topics/clients/client-oidc.html
>>>>> > >
>>>>> > > https://github.com/keycloak/keycloak/blob/
>>>>> 5c98b8c6ae7052b2d906156d8fc212ccd9dfd57d/services/src/main/
>>>>> java/org/keycloak/services/resources/Cors.java#L143
>>>>> > >
>>>>> > > On 2016-07-08, Hubert Przybysz wrote:
>>>>> > > > Hi,
>>>>> > > >
>>>>> > > > Is configuration of CORS
Access-Control-Expose-Headers
>>>>> supported in
>>>>> > > > 2.0.0.Final adapters?
>>>>> > > >
>>>>> > > > Best regards / Hubert.
>>>>> > >
>>>>> > > > _______________________________________________
>>>>> > > > keycloak-user mailing list
>>>>> > > > keycloak-user(a)lists.jboss.org
>>>>> > > >
https://lists.jboss.org/mailman/listinfo/keycloak-user
>>>>> > >
>>>>> > >
>>>>> > > --
>>>>> > >
>>>>> > > abstractj
>>>>> > > PGP: 0x84DC9914
>>>>> > >
>>>>>
>>>>> --
>>>>>
>>>>> abstractj
>>>>> PGP: 0x84DC9914
>>>>>
>>>>
>>>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

Re: [keycloak-user] Support for CORS Access-Control-Expose-Headers in 2.0.0.Final