[wildfly-dev] Push for CORS in WildFly 8

Heiko Braun hbraun at redhat.com
Tue Dec 10 12:35:59 EST 2013


I dont understand your second point, but +1 for enabling cors. It would enable arbitrary use cases that rely on the http endpoint. 

But cors is onky one part if the story. The authentication mechanism would need to change as well, to allow for better integration.

Has anyone evaluated keycloak as an alternative for securing the http management endpoint? 

At a first glance it seems to solve many of the problems we've outlined before.




> Am 10.12.2013 um 14:17 schrieb ssilvert at redhat.com:
> 
> No other console is allowed to use the HTTP management endpoint.  So,
> a layered product's console can not control its own subsystem.



More information about the wildfly-dev mailing list