[keycloak-user] No 'Access-Control-Allow-Origin' header is present on the requested resource

Grant Marrow grantmarrow at gmail.com
Wed Nov 16 15:22:09 EST 2016


I'm familiar with cors. I have used the exact same setup with versions 1.3,
1.4 and 1.9 version of keycloak.  This problem has started since I upgraded
to version 2.3 if keycloak.

I have also tried adding the cors-enabled-headers and cors-enabled-methods
properties to the keycloak.json file on my rest service application and
that did not work as well.

On 16 Nov 2016 21:12, "Chris Savory" <chris.savory at edlogics.com> wrote:

> This doesn’t appear to be Keycloak related at all.  This is just CORS
> errors on your API.
>
> Try reading up here for some more background.
> https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
>
> But in short, what you need to do is have your API respond with a couple
> of headers; primarily the 'Access-Control-Allow-Origin' header so the
> browser knows that XHR calls to the domain http://localhost:8081 are
> allowed be called from pages that are served off of the domain
> http://localhost:9000
>
> --
> Christopher Savory
> Software Engineer | EdLogics
> www.edlogics.com
>
>
>
>
> From: Grant Marrow <grantmarrow at gmail.com>
> Date: Wednesday, November 16, 2016 at 2:07 PM
> To: Chris Savory <chris.savory at edlogics.com>, "
> keycloak-user at lists.jboss.org" <keycloak-user at lists.jboss.org>
> Subject: Re: [keycloak-user] No 'Access-Control-Allow-Origin' header is
> present on the requested resource
>
> Ok below is a step by step of events:
> 1. User navigates to web application at http://localhost:9000
> 2. Use clicks the sign in button at http://localhost:9000/login
> 3. User is redirected to keycloak at http://localhost:8080 to login
> 4. Once signed in the user ia redirected to http://localhost:9000
> 5. Authenticated User navigates to registrations page at
> http://localhost:9000/registrations. During this step a http GET request
> is done to http://localhost:8081/leap-service/resouces/private/
> registrations.
> At the above step the error occurs. Please let me know if you need more
> information. Thanks
> Regards
> Grant
> On 16 Nov 2016 20:26, "Grant Marrow" <grantmarrow at gmail.com> wrote:
> Hi Chris
> Thanks for getting back to me.  I have done that and it didnt work.  I
> have also tired adding *. That did not work as well. What else can I try?
> Please let me know. Thanks
> Regards
> Grant
> On 16 Nov 2016 20:15, "Chris Savory" <chris.savory at edlogics.com> wrote:
> In the admin, click on Clients, then select your client.  Do you have any
> values for “Web Origins” there?  If not, you need to add
>http://localhost:9000’
>
> --
> Christopher Savory
> Software Engineer | EdLogics
> www.edlogics.com <http://www.edlogics.com/>
>
>  <http://www.edlogics.com/>
>  <https://www.linkedin.com/company/edlogics> <https://twitter.com/EdLogics
> >
>
> On 11/16/16, 1:08 PM, "keycloak-user-bounces at lists.jboss.org on behalf of
> Grant Marrow" <keycloak-user-bounces at lists.jboss.org on behalf of
> grantmarrow at gmail.com> wrote:
>
>     Hi,
>
>     I really need some help. I keep on getting the following error:
>
>
>     *No 'Access-Control-Allow-Origin' header is present on the requested
>     resource. Origin 'http://localhost:9000 <http://localhost:9000/>' is
>     therefore not allowed access. The response had HTTP status code 500.*
>
>     This is my setup:
>
>     *Front End:*
>     - angular 1.5 web application running at http://localhost:9000
>     - client configuration on keycloak admin console:
>     - keycloak.json:
>
>     {
>       "realm": "leap",
>       "auth-server-url": "http://localhost:8080/auth",
>       "ssl-required": "external",
>       "resource": "leap-web",
>       "public-client": true
>     }
>
>
>     *Auth Server*
>     - keycloak version 2.30Final running at http://localhost:8080
>
>     *Web service*
>     - java REST service running on Tomcat version 8.5
>     - client config on keycloak admin console:
>     - web.xml of rest service:
>
>     <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="
>     http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="
>     http://java.sun.com/xml/ns/javaee
>     http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID"
>     version="3.0">
>       <display-name>Archetype Created Web Application</display-name>
>       <module-name>leap-service</module-name>
>      <listener>
>         <listener-class>com.hm.leap.service.init.ContextListener</
> listener-class>
>
>       </listener>
>     <context-param>
>     <param-name>persistentUnit</param-name>
>     <param-value>leap</param-value>
>     </context-param>
>
>       <security-constraint>
>       <web-resource-collection>
>       <web-resource-name>Leap-Service</web-resource-name>
>       <url-pattern>/resources/private/*</url-pattern>
>       </web-resource-collection>
>       <auth-constraint>
>       <role-name>user</role-name>
>       </auth-constraint>
>       </security-constraint>
>
>        <login-config>
>             <auth-method>KEYCLOAK</auth-method>
>             <realm-name>leap</realm-name>
>        </login-config>
>
>       <security-role>
>       <role-name>user</role-name>
>       </security-role>
>
>     </web-app>
>
>     - I also have the valve setup on my context.xml that lives in the
> META-INF
>     directory
>     <Context path="/leap-service">
>     <Valve
>     className="org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve"/>
>
>     </Context>
>
>     - keycloak.json:
>
>     {
>       "realm": "leap",
>       "bearer-only": true,
>       "auth-server-url": "http://localhost:8080/auth",
>       "ssl-required": "external",
>       "resource": "leap-service",
>       "enable-cors": true
>     }
>
>     The error occurs in the following scenario:
>     - The angular web app launches, the user clicks the login button which
>     redirects to Keycloak. The user signs in. The user then tries
> navigates to
>     another page. This page then executes a GET request on my REST service
>     which returns a list which is displayed in a table. But while
> executing the
>     GET request, I receive the error:
>
>     *No 'Access-Control-Allow-Origin' header is present on the requested
>     resource. Origin 'http://localhost:9000 <http://localhost:9000/>' is
>     therefore not allowed access. The response had HTTP status code 500.*
>
>     In my Tomcat log file. I see the following warning message:
>
>
>     *11-Nov-2016 11:28:19.464 WARNING [http-nio-8081-exec-2]
>     org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage
> No
>     login page was defined for FORM authentication in context
> [/leap-service]*
>
>     I really can't seen to pinpoint the error. I find it quite strange
> because
>     I have the same setup but using an older version of keycloak (1.9*),
> which
>     worked fine. I know this might be a silly problem, but if you have some
>     time to help me, I would really appreciate it. Thanks.
>
>     Regards
>     Grant
>     _______________________________________________
>     keycloak-user mailing list
>     keycloak-user at lists.jboss.org
>     https://lists.jboss.org/mailman/listinfo/keycloak-user
>
>
>
>


More information about the keycloak-user mailing list