[Apiman-user] 401 on a CORS preflight request
Eric Wittmann
eric.wittmann at redhat.com
Fri Jul 22 07:29:53 EDT 2016
Apiman should allow OPTIONS requests without requiring authorization.
What is your setup/configuration (which app server, etc)? Also what
apiman REST endpoints are you trying to access?
-Eric
On 7/22/2016 7:22 AM, Jairo Junior wrote:
> I've been trying to setup apiman + keycloak-oauth-plugin + keycloak +
> keycloak.js with a client-side angularjs app and a REST API. It's a
> scenario very similar to
> https://github.com/keycloak/keycloak/tree/master/examples/demo-template/angular-product-app,
> but with apiman and CORS.
>
> My test are going well with curl, but using my javascript app the
> browser it is performing a CORS preflight OPTIONS request without
> authorization header.
>
> OPTIONS request works well with authorization header using curl,
> therefore, I'm not sure whether the browser should include authorization
> header or apiman should allows CORS preflight requests (OPTIONS) without
> authorization header.
>
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
More information about the Apiman-user
mailing list