[keycloak-user] CORS for direct grant access

Sadiq Khoja sadiqkhoja at gmail.com
Tue Apr 7 06:47:19 EDT 2015


Dear Stian,

The reason I am not using Keycloak login page is that I have existing
application which have its own user management. From that application I am
calling some RestEasy services for which I have configured KeyCloak. So
basically user would be authenticated using existing application's
mechanism + keycloak. [crazy things happen]

For refreshing token (
http://localhost:8080/auth/realms/master/tokens/refresh), if I add origin
to my own public application, would that work?


​
Regards,
*​​Sadiq Khoja*


On Tue, Apr 7, 2015 at 3:39 PM, Stian Thorgersen <stian at redhat.com> wrote:

>
>
> ----- Original Message -----
> > From: "Sadiq Khoja" <sadiqkhoja at gmail.com>
> > To: "Marek Posolda" <mposolda at redhat.com>
> > Cc: keycloak-user at lists.jboss.org
> > Sent: Tuesday, 7 April, 2015 12:28:28 PM
> > Subject: Re: [keycloak-user] CORS for direct grant access
> >
> > Dear Marek,
> >
> > Because I don't want to redirect user to Keycloak's login page.
> >
> > BTW: I was getting CORS error for refresh url as well so I added my
> origin in
> > security-admin-console application and its working now.
>
> There's many many reasons why what you're doing isn't the greatest idea
> and you'd be much better with redirecting to the login page (which you can
> style to match your app).
>
> In either case you shouldn't use the security-admin-console app for your
> application, that's for the KC admin console. Create your own app and set
> origin on that!
>
> >
> > ​
> > Regards,
> > ​​
> > Sadiq Khoja
> >
> >
> > On Tue, Apr 7, 2015 at 3:12 PM, Marek Posolda < mposolda at redhat.com >
> wrote:
> >
> >
> >
> > Hi,
> >
> > the question is why you need Direct Grant Access in javascript
> application? I
> > think it will be much better to use our javascript adapter and retrieve
> the
> > access token with it:
> >
> http://docs.jboss.org/keycloak/docs/1.2.0.Beta1/userguide/html/ch08.html#javascript-adapter
> >
> > Marek
> >
> >
> > On 7.4.2015 10:24, Sadiq Khoja wrote:
> >
> >
> >
> > Guys,
> >
> > I want to enable CORS for Direct Grant Access, how to do it? I am getting
> > following error from my javascript application:
> >
> > (index):1 XMLHttpRequest cannot load
> > http://localhost:8080/auth/realms/master/tokens/grants/access . No
> > 'Access-Control-Allow-Origin' header is present on the requested
> resource.
> > Origin ' http://pn.localhost:81 ' is therefore not allowed access. The
> > response had HTTP status code 400.
> >
> >
> > ​
> > Regards,
> > ​​
> > Sadiq Khoja
> >
> >
> >
> > _______________________________________________
> > keycloak-user mailing list keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
> >
> >
> > _______________________________________________
> > keycloak-user mailing list
> > keycloak-user at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150407/885349e7/attachment-0001.html 


More information about the keycloak-user mailing list