Jan Bárta created ELY-1948: ------------------------------ Summary: wildfly-elytron HTTP JWT Bearer realm CORS Key: ELY-1948 URL: https://issues.redhat.com/browse/ELY-1948 Project: WildFly Elytron Issue Type: Bug Reporter: Jan Bárta Assignee: Darran Lofthouse Hi, i found possible problem with HTTP Bearer JWT. If you need create dynamically CORS by +own policy JAXRS filter+, then it will be problem with expired/invalid (any other problem) JWT token. You will see CORS exception on expired/invalid JWT because wildfly-elytron refuse request before own policy JAXRS filters (as e.g. @PreMatching ContainerRequestFilter, ContainerResponseFilter). -- This message was sent by Atlassian Jira (v7.13.8#713008)