[keycloak-user] Cors not working Final 1.2
Henk Laracker
Henk.Laracker at planonsoftware.com
Thu May 28 07:38:12 EDT 2015
As requested:
cors keycloak.json - http://pastebin.com/raw.php?i=n9McFRGH
app1 keycloak.json - http://pastebin.com/raw.php?i=jaL0c6us
index.html - http://pastebin.com/raw.php?i=SndsyL8F
test.txt - http://pastebin.com/raw.php?i=BeaRUCHE
Thanks for looking in.
On 28/05/15 12:22, "Stian Thorgersen" <stian at redhat.com> wrote:
>
>
>----- Original Message -----
>> From: "Henk Laracker" <Henk.Laracker at planonsoftware.com>
>> To: keycloak-user at lists.jboss.org
>> Cc: "Mark Bertels" <Mark.Bertels at planonsoftware.com>
>> Sent: Thursday, 28 May, 2015 12:01:47 PM
>> Subject: [keycloak-user] Cors not working Final 1.2
>>
>> Hi,
>>
>> Cors headers missing during login procedure of keycloak
>>
>>
>> ===============================
>> Step 1 - Prepare keycloak realm:
>> ===============================
>>
>> Create a simple keycloak realm for testing,
>>
>> ===============================
>> Step 2 - Create a user
>> ===============================
>>
>> Add a user and a client to the realm
>> The client should be configured as follows:
>>
>> Client Protocol openid-connect
>> Access Type public
>>
>> Valid redirect uri's: http://localhost/*
>> http://localhost
>> Web origins: http://localhost/*
>> http://localhost
>>
>> ===============================
>> Step 3 - Create test application on tomcat
>> ===============================
>>
>> On a given tomcat server (I'm using localhost for this example) add 2
>>web
>> applications:
>> app1 with a simple index.html
>> cors with a simple test.txt with the content "Some data"
>>
>> The following url's are now available:
>> http://localhost/app1/index.html
>> http://localhost/cors/test.txt
>>
>> In http://localhost/app1/index.html create javascript which loads data
>>from
>> http://localhost/cors/test.txt
>>
>> If you go to http://localhost/app1/index.html now, a GET will be
>>performed to
>> http://localhost/cors/test.txt and the data is displayed
>>
>>
>> ===============================
>> Step 4 - Adding keycloak to the applications
>> ===============================
>>
>> Add keycloak configuration on "app1".
>>
>>
>> Add keycloak configuration on "cors"
>> Additionally, add
>> "enable-cors": "true"
>> to the json file.
>>
>> ===============================
>> Step 5 - Log in to app1
>> ===============================
>>
>> If you log in to app1 in a new browser the data from app "cors" will
>>not be
>> loaded. The following error will be displayed in the console of your
>>browser
>> (using chrome)
>>
>> XMLHttpRequest cannot load
>>
>>http://localhost-auth:8080/auth/realms/test/protocol/openid-connect/auth?
>>reŠlient%2Ftest.txt&state=6%2Fa1e9817b-7f9b-4d30-ab4e-17637c9d190a&login=
>>true.
>> No 'Access-Control-Allow-Origin' header is present on the requested
>>resource.
>> Origin 'http://localhost' is therefore not allowed access.
>
>This request to "/protocol/openid-connect/auth" makes no sense to me. How
>are you invoking this? Can you include the source for index.html?
>
>>
>>
>> If it loaded the data, make sure that you're logged out, or try it in
>>private
>> browsing mode.
>>
>>
>> ===============================
>> Expected result
>> ===============================
>>
>> We expected "Access-Control-Allow-Origin" to be set to the "Web
>>origins",
>> allowing for cross-application requests without editing existing
>> applications.
>>
>>
>>
>> Met vriendelijke groet / Yours sincerely / Mit freundlichen Grüßen /
>>Très
>> cordialement,
>>
>>
>>
>>
>> Henk Laracker
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list