Thank Again Bill! It worked by adding the the 'accounts' application to my realm, what I was doing before was adding the 'origin' to my custom application inside of admin instead of to accounts application.

My goal was to leverage the JSON from the accounts services to give my application inside into whom is authenticated.

On Sun, Feb 22, 2015 at 4:17 PM, Bill Burke <bburke@redhat.com> wrote:
Ok, so what are you trying to do?

Application is on localhost:8080?  And there isa  javascript app that is trying to invoke the account application on localhost:8082?  You have to go to the admin console, click on applications, and go to the account app and add http://localhost:8080

The "account" app needs to allow the appropriate CORS origin.

On 2/22/2015 3:02 PM, Christopher Wallace wrote:
Thanks for the reply Bill, I think I have the correct 'Web Origin' set
as I tried to cover all for now to get it working then can restrict
later, please see attached screen shot. I did remove the CORS filter
from my web.xml as I was putting it there as I was trying to see if that
would help. Everyones support is greatly appreciated.

Thanks!
Chris W.

On Sun, Feb 22, 2015 at 2:39 PM, Bill Burke <bburke@redhat.com
<mailto:bburke@redhat.com>> wrote:

    I should add that you have to specify valid origins in the admin console
    for the application if you want to use our cors support.

    On 2/22/2015 11:18 AM, Christopher Wallace wrote:
    > I am seem to have a singifigant challenge getting CORS enabled in Tomcat
    > for Keyloak. I have taken the following step:
    >
     > *enabled CORS in keycloak.json as follows:*
    >    "enable-cors" : true,
    >    "cors-max-age" : 1000,
    >    "cors-allowed-methods": "POST, PUT, DELETE, GET"
    >
     > *enabled CORS in web.xml as follows:
     > *<filter>
    >      <filter-name>CORS</filter-name>
    >      <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
    > </filter>
    > <filter-mapping>
    >          <filter-name>CORS</filter-name>
    >          <url-pattern>/*</url-pattern>
    > </filter-mapping>
    > *
    > *
    > *installed JARs in $CATALINA_HOME/lib:
    > *
    > 27723 Feb 22 11:02 cors-filter-2.3.jar
    > 7847 Feb 22 11:04 java-property-utils-1.9.1.jar
    >
     > *recieve the following error
     > *GET http://localhost:8082/auth/realms/worktrac/account [HTTP/1.1 403
    > Forbidden 11ms]
    >
    > Cross-Origin Request Blocked: The Same Origin Policy disallows reading
    > the remote resource at
    >http://localhost:8082/auth/realms/worktrac/account. This can be fixed by
    > moving the resource to the same domain or enabling CORS.
    >
     > *request URL is
     > *http://localhost:8080/mprworktrac/userinfo.html*
     > *
     >
     > --
     > Chris Wallace
     > cjwallac@gmail.com <mailto:cjwallac@gmail.com>
    <mailto:cjwallac@gmail.com <mailto:cjwallac@gmail.com>>
     >
     >
     > _______________________________________________
     > keycloak-user mailing list
     > keycloak-user@lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
     > https://lists.jboss.org/mailman/listinfo/keycloak-user
     >

    --
    Bill Burke
    JBoss, a division of Red Hat
    http://bill.burkecentral.com
    _______________________________________________
    keycloak-user mailing list
     keycloak-user@lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
    https://lists.jboss.org/mailman/listinfo/keycloak-user




--
Chris Wallace
cjwallac@gmail.com <mailto:cjwallac@gmail.com>
c: 570.582.9955

--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com



--
Chris Wallace
cjwallac@gmail.com
c: 570.582.9955