Looks like your services are configured as confidential clients rather than
bearer-only and hence is sending a login request back rather than a 401.
You should either swap your service war to be a bearer-only client or use
the new autodetect-bearer-only option in adapters if you have both web
pages and services in the same war.
On 8 January 2017 at 23:29, Adam Daduev <daduev.ad(a)gmail.com> wrote:
Hi, can you help me!
When session expired and ajax request execute in Keycloak, i have error in
XMLHttpRequest cannot load http://dc09-apps-06:8090/auth/
'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:8080' is therefore not allowed access.
I add in Keycloak admin console, in the client setting, Web Origins=
(or *), and enabled cors in app, but still has error
in console. I used Keycloak 2.5.0
keycloak-user mailing list