[keycloak-user] CORS REST request blocked by browser
alex_orl1079 at yahoo.it
Wed Sep 30 19:04:28 EDT 2015
1)following exactly the CORS example: i added the js adapter to the angular js application; i configured only the client inside my realm as public, and eventually imported the keycloak.js. Result: when i run the application i'm redirected to the keycloak login page; i filled out the form but after the login i'm blocked by the browser because it does'nt find the access-control-allow-origin header in the get token request. The keycloak.json in the WEB-INF folder of the rest service specifies enabled-cors:true
2)i left the REST layer secured expecting that at the first angular REST request i should be redirected to the keycloak login page. But even in this case browser blocks me because it misses access control allow origin header. Even in this case the keycloak.json in the WEB-INF folder of the rest service specifies enabled-cors:true
So where am i wrong?What is the right approach for securing my web application?Why browser continues blocking my request?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the keycloak-user