<div dir="ltr">Actually the error I included before is the error I get when I switch the bearer only application to a confidential one. This is the error I get for the bearer only configuration:<div>XMLHttpRequest cannot load <a href="http://localhost:8080/itemrepository-rs/rest/items">http://localhost:8080/itemrepository-rs/rest/items</a>. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '<a href="http://localhost:9000">http://localhost:9000</a>' is therefore not allowed access. <br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Oct 16, 2014 at 3:35 PM, Dean Peterson <span dir="ltr"><<a href="mailto:peterson.dean@gmail.com" target="_blank">peterson.dean@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I had this working with previous versions of keycloak. Now I am not able to figure it out. I have one confidential javascript application with the following config:<div><br></div><div><div>{</div><div> "realm": "abecorn",</div><div> "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcGOrjJDVkNCzgVtUeIErcEYr+1orw3q/abwd3qzvArWbCrs8PZZDO9JONLMWI5gme+G616gMPw+zPwicT2g+bjYb9b0MwjTUbqxGFr858Vt3GNb25hMdsUdDoxuqnXfmXr59zOn6lX9kceMdQBAwfTGm4Gj21mkQf0UJopE8sMwIDAQAB",</div><div> "auth-server-url": "<a href="http://fnb-dean-vm2:8080/auth" target="_blank">http://fnb-dean-vm2:8080/auth</a>",</div><div> "ssl-required": "external",</div><div> "resource": "item_repository",</div><div> "enable-cors": true,</div><div> "cors-max-age": 1000,</div><div> "credentials": {</div><div> "secret": "d1d72a4d-7ab2-4dbe-82b2-f78ef386908a"</div><div> }</div><div>}</div></div><div><br></div><div>I have another for REST services that is bearer only:</div><div><div>{</div><div> "realm": "abecorn",</div><div> "realm-public-key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcGOrjJDVkNCzgVtUeIErcEYr+1orw3q/abwd3qzvArWbCrs8PZZDO9JONLMWI5gme+G616gMPw+zPwicT2g+bjYb9b0MwjTUbqxGFr858Vt3GNb25hMdsUdDoxuqnXfmXr59zOn6lX9kceMdQBAwfTGm4Gj21mkQf0UJopE8sMwIDAQAB",</div><div> "bearer-only": true,</div><div> "enable-cors": true,</div><div> "cors-max-age": 1000,</div><div> "ssl-required": "external",</div><div> "resource": "itemreposervices"</div><div>}</div></div><div><br></div><div>No matter what web origins I add to the first "confidential" application, I continue to get the error: XMLHttpRequest cannot load <a href="http://localhost:8080/itemrepository-rs/rest/items" target="_blank">http://localhost:8080/itemrepository-rs/rest/items</a>. The request was redirected to '<a href="http://fnb-dean-vm2:8080/auth/realms/abecorn/protocol/openid-connect/login?" target="_blank">http://fnb-dean-vm2:8080/auth/realms/abecorn/protocol/openid-connect/login?</a>…s%2Frest%2Fitems&state=0%2F025e3003-59a5-43d3-9927-396d966d7e5a&login=true', which is disallowed for cross-origin requests that require preflight.</div><div><br></div><div>I also tried making the bearer only application into a confidential application and gave it the appropriate web origins. Still no luck. Shouldn't the bearer only applications have a place to enter web origins like the admin console had a while back? How do you make the white list for a bearer only application to allow cross domain javascript?</div></div>
</blockquote></div><br></div>