[keycloak-user] Resolution for 99% of CORS's problems

Mon Sep 25 14:43:58 EDT 2017

 Thanks for posting your solution, Karol.  I have been having trouble with Keycloak CORS also.  I followed your suggestion:
1 - set client Web Origins 2 - in Keycloak.json, added "enable-cors": true
/usr/share/tomcat/webapps/main/WEB-INF]-bash-$  cat keycloak.json{      "realm": "rtna",        "realm-public-key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvJlVZqi8KaZDZVPPl29y/nnPBHaPvH+NoG71w6BMDwIImw6vkNlO3CSr+kRAyLnpnP/9248gEZx6YwqEKwE4Oy5R6wuuxwOd2FdpYFM2wDw5zhF7U4oYy0WK1m31/hQdLGnpKtDdGReEwdkMOMtG655Nnqw8WdtmF3S2XcEm2t0gaNoYycd6gl4670nRqx6bRxs6UndERHZmHfkzLcL71RflgO1cyuOqMsjMb7oWIDy5bkE4ddB69TAbrpXVzLvwG1OIaM/XdfXOZIaIAajfacP3Vk8bZFa9eAsh5BVaeGzlqktsdk1JjbV0a14OVXQcCRusnV2wE+zSZhPNxhfFwIDAQAB",          "auth-server-url": "https://135.112.123.194:8666/auth",            "ssl-required": "external",              "resource": "main",                "public-client": true,                "enable-cors": true}
I am still getting error:
135.112.123.183/:1 XMLHttpRequest cannot load https://135.112.123.194:8666/auth/realms/rtna/protocol/openid-connect/token. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://135.112.123.183' is therefore not allowed access.
I also tried to add request header in  /opt/sso/keycloak/standalone/configuration/standalone.xml, not working either.

   - If standalone.xml has <response-header name="Access-Control-Allow-Origin" header-name="Access-Control-Allow-Origin" header-value="*"/>:

I get the error:(index):82 keycloak init done......

(index):1 XMLHttpRequest cannot load https://135.112.123.194:8666/auth/realms/rtna/protocol/openid-connect/token. The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'https://135.112.123.183' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
Is there anything I am missing?  Any idea how to make it work would be appreciated!!

   On Wednesday, September 20, 2017, 4:14:00 AM EDT, Karol Buler <K.Buler at adbglobal.com> wrote: 

 Hi,

after huge amounts of hours of investigations I found the resolution for almost all problems with CORS. I decided that maybe I am not alone with it, so here you go:

1. Go to admin console of Keycloak and set 'Web Origins' of your client to address of your application (or just * ).

2. In your application.properties (keycloak.json) set keycloak.cors = true (don't know the name of this property in keycloak.json).

3. Thats it! Only 2 steps resolves almost all my problems with CORS in our applications.

Best regards,
Karol

[https://www.adbglobal.com/wp-content/uploads/adb.png]
adbglobal.com<https://www.adbglobal.com>
[https://www.adbglobal.com/wp-content/uploads/linkedin_logo.png]<https://www.linkedin.com/company-beta/162280/>        [https://www.adbglobal.com/wp-content/uploads/twitter_logo.png] <https://twitter.com/adb_global>        [https://www.adbglobal.com/wp-content/uploads/pinterest_logo.png] <https://pinterest.com/adbglobal/pins/>
[https://www.adbglobal.com/wp-content/uploads/ComeJoin.jpg]<https://www.adbglobal.com/meet-us-at-ibc2017/>
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user