[keycloak-user] Enabling CORS

Bill Burke bburke at redhat.com
Sun Feb 22 16:17:29 EST 2015 

Ok, so what are you trying to do?

Application is on localhost:8080?  And there isa  javascript app that is 
trying to invoke the account application on localhost:8082?  You have to 
go to the admin console, click on applications, and go to the account 
app and add http://localhost:8080

The "account" app needs to allow the appropriate CORS origin.

On 2/22/2015 3:02 PM, Christopher Wallace wrote:
> Thanks for the reply Bill, I think I have the correct 'Web Origin' set
> as I tried to cover all for now to get it working then can restrict
> later, please see attached screen shot. I did remove the CORS filter
> from my web.xml as I was putting it there as I was trying to see if that
> would help. Everyones support is greatly appreciated.
>
> Thanks!
> Chris W.
>
> On Sun, Feb 22, 2015 at 2:39 PM, Bill Burke <bburke at redhat.com
> <mailto:bburke at redhat.com>> wrote:
>
>     I should add that you have to specify valid origins in the admin console
>     for the application if you want to use our cors support.
>
>     On 2/22/2015 11:18 AM, Christopher Wallace wrote:
>     > I am seem to have a singifigant challenge getting CORS enabled in Tomcat
>     > for Keyloak. I have taken the following step:
>     >
>      > *enabled CORS in keycloak.json as follows:*
>     >    "enable-cors" : true,
>     >    "cors-max-age" : 1000,
>     >    "cors-allowed-methods": "POST, PUT, DELETE, GET"
>     >
>      > *enabled CORS in web.xml as follows:
>      > *<filter>
>     >      <filter-name>CORS</filter-name>
>     >      <filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
>     > </filter>
>     > <filter-mapping>
>     >          <filter-name>CORS</filter-name>
>     >          <url-pattern>/*</url-pattern>
>     > </filter-mapping>
>     > *
>     > *
>     > *installed JARs in $CATALINA_HOME/lib:
>     > *
>     > 27723 Feb 22 11:02 cors-filter-2.3.jar
>     > 7847 Feb 22 11:04 java-property-utils-1.9.1.jar
>     >
>      > *recieve the following error
>      > *GET http://localhost:8082/auth/realms/worktrac/account [HTTP/1.1 403
>     > Forbidden 11ms]
>     >
>     > Cross-Origin Request Blocked: The Same Origin Policy disallows reading
>     > the remote resource at
>     >http://localhost:8082/auth/realms/worktrac/account. This can be fixed by
>     > moving the resource to the same domain or enabling CORS.
>     >
>      > *request URL is
>      > *http://localhost:8080/mprworktrac/userinfo.html*
>      > *
>      >
>      > --
>      > Chris Wallace
>      > cjwallac at gmail.com <mailto:cjwallac at gmail.com>
>     <mailto:cjwallac at gmail.com <mailto:cjwallac at gmail.com>>
>      >
>      >
>      > _______________________________________________
>      > keycloak-user mailing list
>      > keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>      > https://lists.jboss.org/mailman/listinfo/keycloak-user
>      >
>
>     --
>     Bill Burke
>     JBoss, a division of Red Hat
>     http://bill.burkecentral.com
>     _______________________________________________
>     keycloak-user mailing list
>     keycloak-user at lists.jboss.org <mailto:keycloak-user at lists.jboss.org>
>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>
> --
> Chris Wallace
> cjwallac at gmail.com <mailto:cjwallac at gmail.com>
> c: 570.582.9955

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

More information about the keycloak-user mailing list