[keycloak-user] Resolution for 99% of CORS's problems
shimin q
shimin_q at yahoo.com
Mon Sep 25 14:43:58 EDT 2017
Thanks for posting your solution, Karol. I have been having trouble with Keycloak CORS also. I followed your suggestion:
1 - set client Web Origins 2 - in Keycloak.json, added "enable-cors": true
/usr/share/tomcat/webapps/main/WEB-INF]-bash-$ cat keycloak.json{ "realm": "rtna", "realm-public-key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvJlVZqi8KaZDZVPPl29y/nnPBHaPvH+NoG71w6BMDwIImw6vkNlO3CSr+kRAyLnpnP/9248gEZx6YwqEKwE4Oy5R6wuuxwOd2FdpYFM2wDw5zhF7U4oYy0WK1m31/hQdLGnpKtDdGReEwdkMOMtG655Nnqw8WdtmF3S2XcEm2t0gaNoYycd6gl4670nRqx6bRxs6UndERHZmHfkzLcL71RflgO1cyuOqMsjMb7oWIDy5bkE4ddB69TAbrpXVzLvwG1OIaM/XdfXOZIaIAajfacP3Vk8bZFa9eAsh5BVaeGzlqktsdk1JjbV0a14OVXQcCRusnV2wE+zSZhPNxhfFwIDAQAB", "auth-server-url": "https://135.112.123.194:8666/auth", "ssl-required": "external", "resource": "main", "public-client": true, "enable-cors": true}
I am still getting error:
135.112.123.183/:1 XMLHttpRequest cannot load https://135.112.123.194:8666/auth/realms/rtna/protocol/openid-connect/token. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://135.112.123.183' is therefore not allowed access.
I also tried to add request header in /opt/sso/keycloak/standalone/configuration/standalone.xml, not working either.
- If standalone.xml has <response-header name="Access-Control-Allow-Origin" header-name="Access-Control-Allow-Origin" header-value="*"/>:
I get the error:(index):82 keycloak init done......
(index):1 XMLHttpRequest cannot load https://135.112.123.194:8666/auth/realms/rtna/protocol/openid-connect/token. The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'https://135.112.123.183' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
Is there anything I am missing? Any idea how to make it work would be appreciated!!
On Wednesday, September 20, 2017, 4:14:00 AM EDT, Karol Buler <K.Buler at adbglobal.com> wrote:
Hi,
after huge amounts of hours of investigations I found the resolution for almost all problems with CORS. I decided that maybe I am not alone with it, so here you go:
1. Go to admin console of Keycloak and set 'Web Origins' of your client to address of your application (or just * ).
2. In your application.properties (keycloak.json) set keycloak.cors = true (don't know the name of this property in keycloak.json).
3. Thats it! Only 2 steps resolves almost all my problems with CORS in our applications.
Best regards,
Karol
[https://www.adbglobal.com/wp-content/uploads/adb.png]
adbglobal.com<https://www.adbglobal.com>
[https://www.adbglobal.com/wp-content/uploads/linkedin_logo.png]<https://www.linkedin.com/company-beta/162280/> [https://www.adbglobal.com/wp-content/uploads/twitter_logo.png] <https://twitter.com/adb_global> [https://www.adbglobal.com/wp-content/uploads/pinterest_logo.png] <https://pinterest.com/adbglobal/pins/>
[https://www.adbglobal.com/wp-content/uploads/ComeJoin.jpg]<https://www.adbglobal.com/meet-us-at-ibc2017/>
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list