<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif;"><div>Hi,</div><div><br></div><div>I have a tomcat 7 running with two web applications deployed , called ROOT and web client. I created a realm in keycloak and two applications. Configures tomcat with the correct json files. When I log in in Root it works fine, when I login in web client it works fine. But the following is the case. Both application are not owned by my , so I can not change the code. I login in ROOT, this application connects to web client through a rest call, this restcall results in a redirect to keycloak because I’m not logged in. the result of this is : </div><div>XMLHttpRequest cannot load https://keycloak-accdev.planoncloud.com/auth/realms/auth/protocol/openid-co…atorDataService&state=10%2Ff14baad8-c385-4221-b86a-0ac2f0cf8d6a&login=true. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://auth-proddev.planoncloud.com' is therefore not allowed access.</div>I know that this has something todo with CORS, so I added the settings:<div><br><div><div>"enable-cors" : true,</div><div>"cors-max-age" : 1000,</div><div>"cors-allowed-methods" : "POST, PUT, DELETE, GET”,</div></div></div><div><br></div><div>To the json file. And added the keycloak url to web origin of both apps in the keycloak manager, but still I got the same result. What do I do wrong? Please advice.</div><div><br></div><div>Henk </div></body></html>