Apiman should allow OPTIONS requests without requiring authorization.
What is your setup/configuration (which app server, etc)? Also what
apiman REST endpoints are you trying to access?
-Eric
On 7/22/2016 7:22 AM, Jairo Junior wrote:
I've been trying to setup apiman + keycloak-oauth-plugin +
keycloak +
keycloak.js with a client-side angularjs app and a REST API. It's a
scenario very similar to
https://github.com/keycloak/keycloak/tree/master/examples/demo-template/a...,
but with apiman and CORS.
My test are going well with curl, but using my javascript app the
browser it is performing a CORS preflight OPTIONS request without
authorization header.
OPTIONS request works well with authorization header using curl,
therefore, I'm not sure whether the browser should include authorization
header or apiman should allows CORS preflight requests (OPTIONS) without
authorization header.
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user