[keycloak-user] Problems when using Javascript Adapter

Renann Prado prado.renann at gmail.com
Tue Feb 16 12:00:56 EST 2016


If you are not running on the CORS issue, have you tried to set your web
origins properly?
Remember that http://localhost:8080 != localhost:8080
On Feb 16, 2016 14:55, "LEONARDO NUNES" <leo.nunes at gjccorp.com.br> wrote:

> Stian, so how do I restrict URLs?
> Do I need to place the keycloakAuth.init({ onLoad: 'login-required' }) at
> all pages I what to restrict and keycloakAuth.init({ onLoad: 'check-sso' })
> at pages not restricted?
>
> Does keycloakAuth.init({ onLoad: 'login-required' }) really login the user
> every time it's called?
> Because my listener that implements EventListenerProvider enters the
> onEvent with EventType LOGIN every time init method is called.
>
>
> --
> Leonardo Nunes
>
> From: Stian Thorgersen <sthorger at redhat.com>
> Reply-To: "stian at redhat.com" <stian at redhat.com>
> Date: terça-feira, 16 de fevereiro de 2016 14:27
> To: Leonardo Nunes <leo.nunes at gjccorp.com.br>
> Cc: Bruno Oliveira <bruno at abstractj.org>, "keycloak-user at lists.jboss.org"
> <keycloak-user at lists.jboss.org>
> Subject: Re: [keycloak-user] Problems when using Javascript Adapter
>
> Your HTML5 application should use the JavaScript adapter, not both as you
> are doing now. That is why you are getting a endless redirect loop as both
> adapters just keep trying to login.
>
> On 16 February 2016 at 13:23, LEONARDO NUNES <leo.nunes at gjccorp.com.br>
> wrote:
>
>> Bruno thanks for the replay.
>> I have tried the cors example application and it works fine.
>> When I configure my application to login the way cors example application
>> does, it works also.
>>
>> The problem I see is that it calls the init method with the
>> login-required, and this causes every page load to login again.
>> I have an event listener adapter that sends a request to our statistics
>> server after every login, when I use the onLoad: 'login-required' then on
>> every page load the listener for login is called.
>> keycloakAuth.init({ onLoad: 'login-required' })
>>
>> One thing got confused is, when I use the Javascript Adapter, then I
>> don't have to configure keycloak at the web.xml?
>> Or can I still configure at the web.xml, define the restricted urls and
>> also use the Javascript Adapter?
>>
>> I might be using the Javascript Adapter not the way it was designed to be
>> used.
>>
>>
>> --
>> Leonardo Nunes
>>
>>
>> From: Bruno Oliveira <bruno at abstractj.org>
>> Date: terça-feira, 16 de fevereiro de 2016 09:49
>> To: Leonardo Nunes <leo.nunes at gjccorp.com.br>, "
>> keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
>> Subject: Re: [keycloak-user] Problems when using Javascript Adapter
>>
>> I believe that your issue is related to CORS, take a look at the examples
>> https://github.com/keycloak/keycloak/tree/master/examples/cors and the
>> documentation as well
>> http://keycloak.github.io/docs/userguide/keycloak-server/html/cors.html.
>>
>>
>> On Tue, Feb 16, 2016 at 9:44 AM LEONARDO NUNES <leo.nunes at gjccorp.com.br>
>> wrote:
>>
>>> Hi, I'm having a problem when using the Javascript Adapter with an
>>> application deployed on Tomcat 7 at localhost:8088 and using Keycloak
>>> 1.8.0.CR3 on localhost:8080.
>>>
>>> I get the following error at the browser console when trying to call
>>> the keycloak.loadUserProfile() method.
>>> XMLHttpRequest cannot load
>>> http://localhost:8080/auth/realms/demo/account. No
>>> 'Access-Control-Allow-Origin' header is present on the requested resource.
>>> Origin 'http://localhost:8088' is therefore not allowed access. The
>>> response had HTTP status code 403.
>>>
>>> And this when I try to call keycloak.loadUserProfile() method.
>>> XMLHttpRequest cannot load
>>> http://localhost:8080/auth/realms/demo/protocol/openid-connect/userinfo.
>>> No 'Access-Control-Allow-Origin' header is present on the requested
>>> resource. Origin 'http://localhost:8088' is therefore not allowed
>>> access. The response had HTTP status code 403.
>>>
>>> Details:
>>>
>>> - If I don't login using keycloak.login() and just navigate to a
>>> restricted page configured at the web.xml and login, after i'm redirected
>>> to the restricted page if I try to call keycloak.loadUserProfile() I get
>>> the same error.
>>> - If I login using keycloak.login() and then call
>>> keycloak.loadUserProfile() or keycloak.loadUserProfile() it works.
>>> - If I navigate to another page and try to
>>> call keycloak.loadUserProfile() or keycloak.loadUserProfile() I get the
>>> same error.
>>> - It only works right after I login, if I navigate to another page it
>>> won't work anymore.
>>>
>>> This is my keycloak.json file
>>> {
>>>   "realm": "demo",
>>>   "realm-public-key":
>>> "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
>>>   "auth-server-url": "http://localhost:8080/auth",
>>>   "ssl-required": "external",
>>>   "resource": "accounts-teste",
>>>   "public-client": true,
>>>   "enable-cors": true
>>> }
>>>
>>>
>>> --
>>> Leonardo Nunes
>>> ------------------------------
>>>
>>>
>>> *Esta mensagem pode conter informação confidencial e/ou privilegiada. Se
>>> você não for o destinatário ou a pessoa autorizada a receber esta mensagem,
>>> não poderá usar, copiar ou divulgar as informações nela contidas ou tomar
>>> qualquer ação baseada nessas informações. Se você recebeu esta mensagem por
>>> engano, por favor avise imediatamente o remetente, respondendo o e-mail e
>>> em seguida apague-o. Agradecemos sua cooperação. This message may contain
>>> confidential and/or privileged information. If you are not the addressee or
>>> authorized to receive this for the addressee, you must not use, copy,
>>> disclose or take any action based on this message or any information
>>> herein. If you have received this message in error, please advise the
>>> sender immediately by reply e-mail and delete this message. Thank you for
>>> your cooperation*
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160216/01e84373/attachment-0001.html 


More information about the keycloak-user mailing list