I am seem to have a singifigant challenge getting CORS enabled in Tomcat
for Keyloak. I have taken the following step:
*enabled CORS in keycloak.json as follows:*
"enable-cors" : true,
"cors-max-age" : 1000,
"cors-allowed-methods": "POST, PUT, DELETE, GET"
*enabled CORS in web.xml as follows:*<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
*installed JARs in $CATALINA_HOME/lib: *
27723 Feb 22 11:02 cors-filter-2.3.jar
7847 Feb 22 11:04 java-property-utils-1.9.1.jar
*recieve the following error *GET
http://localhost:8082/auth/realms/worktrac/account [HTTP/1.1 403 Forbidden
11ms]
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the
remote resource at
http://localhost:8082/auth/realms/worktrac/account. This
can be fixed by moving the resource to the same domain or enabling CORS.
*request URL is*http://localhost:8080/mprworktrac/userinfo.html
--
Chris Wallace
cjwallac(a)gmail.com