4:20 a.m.
Hi,
Is it possible to configure cors? Which are the steps?
My config client is (json):
{
"realm": "name",
"realm-public-key": "...",
"auth-server-url": "https://example:8443/auth",
"ssl-required": "all",
"resource": "name",
"enable-cors": true,
"cors-allowed-methods": "GET, HEAD, OPTIONS",
"cors-allowed-headers": "Origin, Accept, X-Requested-With, Content-Type,
Access-Control-Request-Method, Access-Control-Request-Headersl",
"credentials": {
"secret": "...."
},
"principal-attribute": "preferred_username"
}
And error the application is:
XMLHttpRequest cannot load
https://keycloak_url:8443/auth/realms/name/protocol/open…gin&state=1%....
No 'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'https://url_app' is therefore not allowed access.
The Keycloak Response Header is:
Cache-Control:no-store, must-revalidate, max-age=0
Connection:keep-alive
Content-Length:5257
Content-Security-Policy:frame-src 'self'
Content-Type:text/html;charset=utf-8
Date:Fri, 02 Dec 2016 09:37:15 GMT
Server:WildFly/10
Set-Cookie:KC_RESTART=COOKIE; Version=1; Path=/auth/realms/name; Secure;
HttpOnly
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Powered-By:Undertow/1
Do I have to modify the file standalone.xml?
4:25 a.m.
Yes, take a look at the examples
https://github.com/keycloak/keycloak/tree/master/examples/cors.
On Fri, Dec 2, 2016 at 8:20 AM Zeus Arias Lucero | BEEVA <
zeus.arias(a)beeva.com> wrote:
Hi,
Is it possible to configure cors? Which are the steps?
My config client is (json):
{
"realm": "name",
"realm-public-key": "...",
"auth-server-url": "https://example:8443/auth",
"ssl-required": "all",
"resource": "name",
"enable-cors": true,
"cors-allowed-methods": "GET, HEAD, OPTIONS",
"cors-allowed-headers": "Origin, Accept, X-Requested-With,
Content-Type,
Access-Control-Request-Method, Access-Control-Request-Headersl",
"credentials": {
"secret": "...."
},
"principal-attribute": "preferred_username"
}
And error the application is:
XMLHttpRequest cannot load
https://keycloak_url:8443/auth/realms/name/protocol/open
…gin&state=1%2token&login=true&scope=openid.
No 'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'https://url_app' is therefore not allowed access.
The Keycloak Response Header is:
Cache-Control:no-store, must-revalidate, max-age=0
Connection:keep-alive
Content-Length:5257
Content-Security-Policy:frame-src 'self'
Content-Type:text/html;charset=utf-8
Date:Fri, 02 Dec 2016 09:37:15 GMT
Server:WildFly/10
Set-Cookie:KC_RESTART=COOKIE; Version=1; Path=/auth/realms/name; Secure;
HttpOnly
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Powered-By:Undertow/1
Do I have to modify the file standalone.xml?
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
9:20 a.m.
Sorry, it does not work.
You can write here the steps for a configuration correct
My client configuration is:
___________________________________________________________________________________
Client ID: app
Name: app
Description:
Enabled: ON
Consent Required: OFF
Client Protocol: openid-connect
Client Template:
Access Type: public
Standard Flow: ON
Implicit Flow: ON
Direct Access Grants: OFF
Authorization: OFF
Root URL: https://localhost:8080/sso/login
Base URL
Admin URL
Web Origins: https://localhost:8080
https://*:8080
https://*
_______________________________________________________________________________
My keycloak.json
{
"realm": "REALM",
"realm-public-key": "KEY",
"auth-server-url": "https://example:8443/auth",
"ssl-required": "all",
"enable-cors" : true,
"cors-max-age" : 10000,
"cors-allowed-methods" : "POST, PUT, DELETE, GET, HEAD",
"cors-allowed-headers" : "Access-Control-Allow-Origin, Origin, Accept,
X-Requested-With, Content-Type, Access-Control-Request-Method,
Access-Control-Request-Headers",
"resource": "app",
"public-client": true,
"principal-attribute": "preferred_username"
}
2016-12-02 11:25 GMT+01:00 Bruno Oliveira <bruno(a)abstractj.org>:
Yes, take a look at the examples https://github.com/
keycloak/keycloak/tree/master/examples/cors.
On Fri, Dec 2, 2016 at 8:20 AM Zeus Arias Lucero | BEEVA <
zeus.arias(a)beeva.com> wrote:
> Hi,
>
> Is it possible to configure cors? Which are the steps?
>
> My config client is (json):
>
> {
> "realm": "name",
> "realm-public-key": "...",
> "auth-server-url": "https://example:8443/auth",
> "ssl-required": "all",
> "resource": "name",
> "enable-cors": true,
> "cors-allowed-methods": "GET, HEAD, OPTIONS",
> "cors-allowed-headers": "Origin, Accept, X-Requested-With,
Content-Type,
> Access-Control-Request-Method, Access-Control-Request-Headersl",
> "credentials": {
> "secret": "...."
> },
> "principal-attribute": "preferred_username"
> }
>
>
> And error the application is:
>
> XMLHttpRequest cannot load
> https://keycloak_url:8443/auth/realms/name/protocol/open
> …gin&state=1%2token&login=true&scope=openid.
> No 'Access-Control-Allow-Origin' header is present on the requested
> resource. Origin 'https://url_app' is therefore not allowed access.
>
> The Keycloak Response Header is:
>
> Cache-Control:no-store, must-revalidate, max-age=0
> Connection:keep-alive
> Content-Length:5257
> Content-Security-Policy:frame-src 'self'
> Content-Type:text/html;charset=utf-8
> Date:Fri, 02 Dec 2016 09:37:15 GMT
> Server:WildFly/10
> Set-Cookie:KC_RESTART=COOKIE; Version=1; Path=/auth/realms/name; Secure;
> HttpOnly
> X-Content-Type-Options:nosniff
> X-Frame-Options:SAMEORIGIN
> X-Powered-By:Undertow/1
>
> Do I have to modify the file standalone.xml?
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
2897
days inactive
2950
days old
2 comments
2 participants
participants (2)
-
Bruno Oliveira -
Zeus Arias Lucero | BEEVA