简体   繁体   English

如何解决:WSO2 Identity Server服务提供商上SAML2 SSO上的CORS问题?

[英]How to fix: CORS issue on SAML2 SSO on WSO2 Identity Server Service Provider?

I have created a Servive Provider with SAML2 Web SSO. 我已经使用SAML2 Web SSO创建了服务提供程序。

I have a application with Node JS server and React Js Front End running on separate port 3000 (node) and 3001 (react). 我有一个带有Node JS服务器和React Js前端的应用程序,它们分别在单独的端口3000(节点)和3001(反应)上运行。

There is a route " http://localhost:3000/app/login " on node that redirect to sso login page if the user is not authenticated (authentication managed by cookies). 如果用户未通过身份验证(由cookie管理的身份验证),则节点上会有一条路由“ http:// localhost:3000 / app / login ”,该路由会重定向到sso登录页面。

But if I tried to invoke the api from the frontend the I am getting the CORS issue as following: 但是,如果我尝试从前端调用api,则会收到CORS问题,如下所示:

Access to fetch at ' Here ' (redirected from ' http://localhost:3000/app ') from origin ' http://localhost:3001 ' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. 对CORS策略阻止从原点“ http:// localhost:3001 ”访问“ 在这里 ”(从“ http:// localhost:3000 / app ”重定向)的访问已被禁止:无“ Access-Control-Allow-Origin”标头出现在请求的资源上。 If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. 如果不透明的响应满足您的需求,请将请求的模式设置为“ no-cors”,以在禁用CORS的情况下获取资源。

I tried this solution also but no success. 我也尝试过此解决方案,但没有成功。

I got this error in web my web-application which uses express as framewok then I installed cors package available in npm cors node.js and used it in my server side script. 我在Web应用程序中使用express作为framewok的Web应用程序中出现此错误,然后我在npm cors node.js中安装了可用的cors包,并在服务器端脚本中使用了该错误。

 var express = require('express') var cors = require('cors') var app = express() app.use(cors()) 

Seems to be you are getting the issue while trying to access the /samlsso. 似乎是您尝试访问/ samlsso时遇到问题。 To enable org.apache.catalina.filters.CorsFilter filter in repository/conf/tomcat/carbon/WEB-INF/web.xml file, as mentioned in Tomcat documentation 如Tomcat 文档中所述,在repository/conf/tomcat/carbon/WEB-INF/web.xml文件中启用org.apache.catalina.filters.CorsFilter过滤器

If you want to enable CORS headers for any other web app hosted in the Identity Server (such as /authenticationendpoint or /oauth2 ) you have to do the same in the web.xml files (in case of the authentication endpoint web application, the path is repository/deployment/server/webapps/authenticationendpoint/WEB-INF/web.xml ) of those web apps as well. 如果要为Identity Server中托管的任何其他Web应用程序启用CORS标头(例如/authenticationendpoint/oauth2 ),则必须在web.xml文件中执行相同操作(对于身份验证终结点Web应用程序,路径为也是这些Web应用程序的repository/deployment/server/webapps/authenticationendpoint/WEB-INF/web.xml )。

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 WSO2 Identity Server:通过SAML令牌获取用户信息的API? - WSO2 Identity Server: apis to get user info by SAML token? 身份提供者(salesforce)注销SSO时注销服务提供者(passport-saml) - Logout service provider(passport-saml) when identity provider(salesforce) logs out SSO 是否可以使用 SAML2 在 ReactJs 应用程序中实现 SSO? 如果可能的话如何? - Is it possible to implement SSO in a ReactJs application with SAML2? if possible how? 如何在WSO2 Identity Server中设置用户/角色的作用域? - How to set scope for a user/role in WSO2 Identity Server? 从nodejs服务连接到WSO2 Identity Server - connecting to WSO2 Identity Server from nodejs services Node.js 应用程序与 WSO2 身份服务器集成以实现单点登录 - Node.js Applications integration with WSO2 identity Server for Single Sign On 如何在 socket.io 中修复此 CORS 问题? - How to fix this CORS issue in socket.io? 如何设置本地测试SAML2.0身份提供程序? - How do I set up a local test SAML2.0 Identity Provider? WSO2 SAML2BearerGrantHandler SAML令牌发行者验证失败或发行者未注册 - WSO2 SAML2BearerGrantHandler SAML Token Issuer verification failed or Issuer not registered 使用Auth0作为身份提供者的静默SAML身份验证 - Silent SAML Authentication using Auth0 as Identity Provider
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM