[keycloak-user] Configuring javascript calling REST service
Sebastien Blanc
sblanc at redhat.com
Tue Aug 2 12:23:43 EDT 2016
Hi,
I'm not entirely sure but I think that "enable-cors" is not supported for
the Spring Security Adapter.
For now, you have to deal with CORS "manually" on the server side. I think
Spring has a annotation like "@CrossOrigin".
Sebi
On Tue, Aug 2, 2016 at 5:30 PM, Robert van Loenhout <
r.vanloenhout at greenvalley.nl> wrote:
> I'm using the keycloak javascript adapter and the spring security adapter
> for my REST service.
>
> The REST service is configured as a client with 'bearer-only' access type.
>
> The javascript client is authenticated. When it does an ajax call to my
> REST service I receive the following error in my browser:
>
>
>
> Cross-Origin Request Blocked: The Same Origin Policy disallows reading the
> remote resource at http://localhost:30001/rest1/greeting. (Reason: CORS
> header 'Access-Control-Allow-Origin' missing).
>
>
>
> I have added
>
> "enable-cors": true
>
> to my REST keycloak configuration.
>
> However where do I configure which origins are allowed?
>
>
>
> For 'public' and 'confidential' clients you can configure the web origins
> in the admin console.
>
> But when I set it to 'bearer-only' this field is gone.
>
>
>
> So what exactly are the steps you have to take to configure a javascript
> client that call a REST service on another host?
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160802/20cfc94a/attachment.html
More information about the keycloak-user
mailing list