0

UI is dead after server shutdown or session timeout

asked 2022-04-11 22:14:26 +0800

KlausWr gravatar image KlausWr
37 5

updated 2022-04-11 22:15:00 +0800

I have zk 9.5.0.3 running in a spring-boot environment (zk-springboot version 2.3.1).

I have an interesting effect that has been different before (as far as I remember):

When there is a session timeout or even a server shutdown of the "zk"-application there is NO message in the frontend - just all UI elements are dead (there is literally NO effect on a button click or whatsoever).

Is there anything I need to configure to get at least a message like "timeout" or "cannot connect to server"?

delete flag offensive retag edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2022-04-12 20:17:37 +0800

KlausWr gravatar image KlausWr
37 5

updated 2022-04-12 20:32:21 +0800

I found the problem: we use keycloak as user management and authentication service. There is a problem with CORS (cross origin resource sharing) ajax requests.

Access to fetch at 'http://...' (redirected from 'http://.../zkau') from origin 'http://...' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Anybody aware of this problem? Do I need to configure zk properly to allow this "access"?

link publish delete flag offensive edit
0

answered 2022-04-13 16:19:23 +0800

hawk gravatar image hawk
3013 1 5
http://hawkphoenix.blogsp... ZK Team

updated 2022-04-13 16:20:21 +0800

ZK only sends ajax to the same domain of your app e.g your application is in domain-a, then it sends AJAX request to http://domain-a/zkau

According to your error message:

`Access to fetch at 'http://domain-b' (redirected from 'http://.../zkau') from origin 'http://domain-a

So you configure the server at domain-a to allow the origin from domain-a

Access-Control-Allow-Origin: https://domain-a

It's a server-related configuration, not ZK, so please check your server document. For example, this is Tomcat 9 CORS_Filter.

After solving the CORS issue, since you are using the SSO solution, keycloak, you might need to read https://www.zkoss.org/wiki/ZKDeveloper%27sReference/SecurityTips/SSORedirect_Handling

link publish delete flag offensive edit
Your answer
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

Follow

RSS

Stats

Asked: 2022-04-11 22:14:26 +0800

Seen: 10 times

Last updated: Apr 13

Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More