[keycloak-user] CORS / Cross Domain Javascript calls
Dean Peterson
peterson.dean at gmail.com
Thu Oct 16 16:46:20 EDT 2014
Actually the error I included before is the error I get when I switch the
bearer only application to a confidential one. This is the error I get for
the bearer only configuration:
XMLHttpRequest cannot load
http://localhost:8080/itemrepository-rs/rest/items. No
'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:9000' is therefore not allowed access.
On Thu, Oct 16, 2014 at 3:35 PM, Dean Peterson <peterson.dean at gmail.com>
wrote:
> I had this working with previous versions of keycloak. Now I am not able
> to figure it out. I have one confidential javascript application with the
> following config:
>
> {
> "realm": "abecorn",
> "realm-public-key":
> "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcGOrjJDVkNCzgVtUeIErcEYr+1orw3q/abwd3qzvArWbCrs8PZZDO9JONLMWI5gme+G616gMPw+zPwicT2g+bjYb9b0MwjTUbqxGFr858Vt3GNb25hMdsUdDoxuqnXfmXr59zOn6lX9kceMdQBAwfTGm4Gj21mkQf0UJopE8sMwIDAQAB",
> "auth-server-url": "http://fnb-dean-vm2:8080/auth",
> "ssl-required": "external",
> "resource": "item_repository",
> "enable-cors": true,
> "cors-max-age": 1000,
> "credentials": {
> "secret": "d1d72a4d-7ab2-4dbe-82b2-f78ef386908a"
> }
> }
>
> I have another for REST services that is bearer only:
> {
> "realm": "abecorn",
> "realm-public-key":
> "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcGOrjJDVkNCzgVtUeIErcEYr+1orw3q/abwd3qzvArWbCrs8PZZDO9JONLMWI5gme+G616gMPw+zPwicT2g+bjYb9b0MwjTUbqxGFr858Vt3GNb25hMdsUdDoxuqnXfmXr59zOn6lX9kceMdQBAwfTGm4Gj21mkQf0UJopE8sMwIDAQAB",
> "bearer-only": true,
> "enable-cors": true,
> "cors-max-age": 1000,
> "ssl-required": "external",
> "resource": "itemreposervices"
> }
>
> No matter what web origins I add to the first "confidential" application,
> I continue to get the error: XMLHttpRequest cannot load
> http://localhost:8080/itemrepository-rs/rest/items. The request was
> redirected to '
> http://fnb-dean-vm2:8080/auth/realms/abecorn/protocol/openid-connect/login?…s%2Frest%2Fitems&state=0%2F025e3003-59a5-43d3-9927-396d966d7e5a&login=true',
> which is disallowed for cross-origin requests that require preflight.
>
> I also tried making the bearer only application into a confidential
> application and gave it the appropriate web origins. Still no luck.
> Shouldn't the bearer only applications have a place to enter web origins
> like the admin console had a while back? How do you make the white list
> for a bearer only application to allow cross domain javascript?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20141016/cab71dbc/attachment.html
More information about the keycloak-user
mailing list