Commodore
Commodore
418 views

OIDC problem after 4.5.3 -> No 'Access-Control-Allow-Origin' from userinfo endpoint

Just patched to 4.5.3...

After that, the Userinfo endpoint is not replying with an 'Access-Control-Allow-Origin' header...

Keys and Token endpoint seems to reply with Access-Control-Allow-Origin....

Anyone seen this?

3 Replies
Micro Focus Expert
Micro Focus Expert

It works well with my NAM 4.5.3 setup.

userinfo.PNG
 
 
Check if you can add the option to the Client Application.CORS.PNG
 
 
 
Commodore
Commodore

My IDP is behind AG maybe that is causing missing headers in the first request to userinfo , the second response has Access-Control-Allow-Origin: https://efr.lvh.me:4200

The oauth client config has https://efr.lvh.me:4200 as cors domain ... 

err.png

  

 

 

 

Commodore
Commodore

Problem solved ! 

I had included the SAML token in the accesstoken and that made det request exceed the max headersize in apache / tomcat.

When changing to 

maxHttpHeaderSize="32768" (tomcat)

LimitRequestFieldSize 32768 (Access Gateway)

The request gave a response with an Access-Control-Allow-Origin header.

regards

Magnus

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.