[keycloak-user] CORS for direct grant access
Stian Thorgersen
stian at redhat.com
Tue Apr 7 06:51:31 EDT 2015
----- Original Message -----
> From: "Sadiq Khoja" <sadiqkhoja at gmail.com>
> To: "Stian Thorgersen" <stian at redhat.com>
> Cc: "Marek Posolda" <mposolda at redhat.com>, keycloak-user at lists.jboss.org
> Sent: Tuesday, 7 April, 2015 12:47:19 PM
> Subject: Re: [keycloak-user] CORS for direct grant access
>
> Dear Stian,
>
> The reason I am not using Keycloak login page is that I have existing
> application which have its own user management. From that application I am
> calling some RestEasy services for which I have configured KeyCloak. So
> basically user would be authenticated using existing application's
> mechanism + keycloak. [crazy things happen]
Sounds pretty crazy - so you basically login user twice from same js code?
>
> For refreshing token (
> http://localhost:8080/auth/realms/master/tokens/refresh), if I add origin
> to my own public application, would that work?
Yes
>
>
>
> Regards,
> *Sadiq Khoja*
>
>
> On Tue, Apr 7, 2015 at 3:39 PM, Stian Thorgersen <stian at redhat.com> wrote:
>
> >
> >
> > ----- Original Message -----
> > > From: "Sadiq Khoja" <sadiqkhoja at gmail.com>
> > > To: "Marek Posolda" <mposolda at redhat.com>
> > > Cc: keycloak-user at lists.jboss.org
> > > Sent: Tuesday, 7 April, 2015 12:28:28 PM
> > > Subject: Re: [keycloak-user] CORS for direct grant access
> > >
> > > Dear Marek,
> > >
> > > Because I don't want to redirect user to Keycloak's login page.
> > >
> > > BTW: I was getting CORS error for refresh url as well so I added my
> > origin in
> > > security-admin-console application and its working now.
> >
> > There's many many reasons why what you're doing isn't the greatest idea
> > and you'd be much better with redirecting to the login page (which you can
> > style to match your app).
> >
> > In either case you shouldn't use the security-admin-console app for your
> > application, that's for the KC admin console. Create your own app and set
> > origin on that!
> >
> > >
> > >
> > > Regards,
> > >
> > > Sadiq Khoja
> > >
> > >
> > > On Tue, Apr 7, 2015 at 3:12 PM, Marek Posolda < mposolda at redhat.com >
> > wrote:
> > >
> > >
> > >
> > > Hi,
> > >
> > > the question is why you need Direct Grant Access in javascript
> > application? I
> > > think it will be much better to use our javascript adapter and retrieve
> > the
> > > access token with it:
> > >
> > http://docs.jboss.org/keycloak/docs/1.2.0.Beta1/userguide/html/ch08.html#javascript-adapter
> > >
> > > Marek
> > >
> > >
> > > On 7.4.2015 10:24, Sadiq Khoja wrote:
> > >
> > >
> > >
> > > Guys,
> > >
> > > I want to enable CORS for Direct Grant Access, how to do it? I am getting
> > > following error from my javascript application:
> > >
> > > (index):1 XMLHttpRequest cannot load
> > > http://localhost:8080/auth/realms/master/tokens/grants/access . No
> > > 'Access-Control-Allow-Origin' header is present on the requested
> > resource.
> > > Origin ' http://pn.localhost:81 ' is therefore not allowed access. The
> > > response had HTTP status code 400.
> > >
> > >
> > >
> > > Regards,
> > >
> > > Sadiq Khoja
> > >
> > >
> > >
> > > _______________________________________________
> > > keycloak-user mailing list keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> > >
> > >
> > >
> > > _______________________________________________
> > > keycloak-user mailing list
> > > keycloak-user at lists.jboss.org
> > > https://lists.jboss.org/mailman/listinfo/keycloak-user
> >
>
More information about the keycloak-user
mailing list