[keycloak-user] FW: Spring Boot/Keycloak IE11 compatibility

Kuestermann, Thomas Thomas.Kuestermann at sabre.com
Thu Oct 26 04:56:44 EDT 2017 

Hah, thanks for the that! I’m thankful it’s open source.

From: Sebastien Blanc [mailto:sblanc at redhat.com]
Sent: Donnerstag, 26. Oktober 2017 10:36
To: Kuestermann, Thomas <Thomas.Kuestermann at sabre.com<mailto:Thomas.Kuestermann at sabre.com>>
Cc: keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
Subject: Re: [keycloak-user] Spring Boot/Keycloak IE11 compatibility

Hi,

Looks like a ticket as been opened yesterday for the same problem with a Pull Request as well :)
https://issues.jboss.org/browse/KEYCLOAK-5679
and
https://github.com/keycloak/keycloak/pull/4587
Please, feel free to comment on the PR as well
Seb


On Thu, Oct 26, 2017 at 10:28 AM, Kuestermann, Thomas <Thomas.Kuestermann at sabre.com<mailto:Thomas.Kuestermann at sabre.com>> wrote:
Folks,

We're currently developing a Spring Boot [1] application that uses Keycloak & Spring Security [2] for authentication and authorization. Everything fine so far, the Keycloak login page is displayed when the user accesses the application. I feel a bit ashamed, but it had to happen at some point: We need to support the beloved IE11, yay! What happens with IE is that the login page is not displayed as a HTTP 401 is returned to the browser instead of a HTTP 302. I tracked it down to "org.keycloak.adapters.springsecurity.authentication.HttpHeaderInspectingApiRequestMatcher" checking for the MIME type "text/html" in the HTTP Accept header. Unfortunately, my IE sends something like this in the request:

    Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap,*/*

According to the Mozilla Docs [3], MIME type "*/*" matches everything including "text/html" required by the request matcher.

My question is the following as it is easy to work around and fix: Is it worth filing an issue with Keycloak? I also feel confident enough to provide a pull request.

Regards,
-- Thomas

[1] http://www.keycloak.org/docs/latest/securing_apps/topics/oidc/java/spring-boot-adapter.html
[2] http://www.keycloak.org/docs/latest/securing_apps/topics/oidc/java/spring-security-adapter.html
[3] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept

_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org<mailto:keycloak-user at lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user

More information about the keycloak-user mailing list