Keycloak client for VueJS gets status code 403 while trying to access realms/.../protocol/openid-connect/login-status-iframe.html


DP
Dec 5, 2022, 8:08:30 AM
to Keycloak User
Hello!

I am trying to integrate Keycloak client for Vue into an existing application.

I noticed that after a successful login in Keycloak the client sends requests to a URL like

http://localhost:8080/realms/KeycloakDemo/protocol/openid-connect/login-status-iframe.html/init?client_id=<myclient-id>&origin=http://localhost:3001

and receives 403 (forbidden) responses.

Below you can find more detailed data regarding this request.

The only message I see at the time in the Keycloak output is this:

2022-12-05 12:44:49,460 WARN  [org.keycloak.services.managers.AuthenticationManager] (executor-thread-75) Some clients have been not been logged out for user user1 in KeycloakDemo realm: <client-id>

I am running all of this locally:

1. Keycloak in Docker on port 8080
2. The application with the Keycloak client on port 3001

I am debugging the client application with Chrome with disabled web security (I start it via "open /Applications/Google\ Chrome.app --args --user-data-dir="/var/tmp/Chrome dev session" --disable-web-security").

What could cause the 403 response from Keycloak?

Thanks in advance

Dmitrii Pisarenko

Here are the details of the http://localhost:8080/realms/KeycloakDemo/protocol/openid-connect/login-status-iframe.html/init?client_id=<myclient-id>&origin=http://localhost:3001 request sent (probably) by the vue client library after successful login:

Request Method: GET
Status Code: 403 Forbidden
Remote Address: [::1]:8080
Referrer Policy: no-referrer

Response headers

HTTP/1.1 403 Forbidden
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
content-length: 0


Request headers

Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Cookie: AUTH_SESSION_ID=3f7f9def-bf41-4d39-b347-6957b990aea3; AUTH_SESSION_ID_LEGACY=3f7f9def-bf41-4d39-b347-6957b990aea3; KEYCLOAK_SESSION=KeycloakDemo/606588af-06bb-44d3-a894-01487453c5b0/3f7f9def-bf41-4d39-b347-6957b990aea3; KEYCLOAK_SESSION_LEGACY=KeycloakDemo/606588af-06bb-44d3-a894-01487453c5b0/3f7f9def-bf41-4d39-b347-6957b990aea3; KEYCLOAK_IDENTITY=...; KEYCLOAK_IDENTITY_LEGACY=...
Host: localhost:8080
Pragma: no-cache
sec-ch-ua: "Google Chrome";v="107", "Chromium";v="107", "Not=A?Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "macOS"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36

DP
Dec 5, 2022, 9:20:56 AM
to Keycloak User
FYI: For the time being I "fixed" this problem by passing checkLoginIframe=false into the Keycloak client constructor.

Dmitrii Pisarenko
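
Added example, not part of the thread and not Keycloak's own code: a simplified model of the check that the init request in the first post goes through, assuming Keycloak answers 204 when the origin parameter is among the client's Web Origins ("+" expanding to the origins of its Valid Redirect URIs) and 403 otherwise. The client id vue-demo and both client configurations are constructed for illustration.

```javascript
// Simplified model of the origin check behind .../login-status-iframe.html/init.
// Assumption: 204 when `origin` is in the client's Web Origins, 403 otherwise.

// Pull realm, client_id and origin out of an init URL shaped like the one in the post.
function parseInitRequest(initUrl) {
  const url = new URL(initUrl);
  const m = url.pathname.match(
    /\/realms\/([^/]+)\/protocol\/openid-connect\/login-status-iframe\.html\/init$/);
  if (!m) throw new Error("not a login-status-iframe init URL");
  return {
    serverOrigin: url.origin,
    realm: decodeURIComponent(m[1]),
    clientId: url.searchParams.get("client_id"),
    origin: url.searchParams.get("origin"),
  };
}

// Expand Web Origins; "+" stands for the origins of the Valid Redirect URIs.
function resolveWebOrigins(client) {
  const origins = new Set();
  for (const entry of client.webOrigins) {
    if (entry !== "+") { origins.add(entry); continue; }
    for (const uri of client.redirectUris) {
      try { origins.add(new URL(uri).origin); } catch { /* relative URI: skipped in this model */ }
    }
  }
  return origins;
}

// Status the modelled check would return for this request and client configuration.
function checkInitRequest(initUrl, client) {
  const req = parseInitRequest(initUrl);
  if (!client || !client.enabled || client.clientId !== req.clientId) {
    return { status: 403, reason: "unknown or disabled client" };
  }
  const allowed = resolveWebOrigins(client);
  allowed.add(req.serverOrigin); // assumed: the server's own origin is always accepted
  if (allowed.has("*") || allowed.has(req.origin)) return { status: 204, reason: "origin allowed" };
  return { status: 403, reason: `origin ${req.origin} not in Web Origins` };
}

// Constructed sample data: URL shape from the post, made-up client id and settings.
const SAMPLE_URL = "http://localhost:8080/realms/KeycloakDemo/protocol/openid-connect/" +
  "login-status-iframe.html/init?client_id=vue-demo&origin=http://localhost:3001";
const emptyOrigins = { clientId: "vue-demo", enabled: true,
  redirectUris: ["http://localhost:3001/*"], webOrigins: [] };
const plusOrigins = { ...emptyOrigins, webOrigins: ["+"] };
console.log(checkInitRequest(SAMPLE_URL, emptyOrigins), checkInitRequest(SAMPLE_URL, plusOrigins));
```

Under this model, a client whose Web Origins list does not cover http://localhost:3001 gets the 403, and listing that origin (or "+") clears it while leaving the login-status iframe enabled.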