Re: [keycloak-user] Keycloak-spring-boot-adapter CORS bug?

Hello all, I'm building an application with a Spring Boot (1.4.0) resource service and AngularJS (1.5.8) front-end. Both are separate projects and run on different ports. Therefore I applied global Spring Boot CORS configuration as instructed on this page: https://spring.io/guides/gs/rest-service-cors/ . This works fine. When I want to secure my application using Keycloak I get a No 'Access-Control-Allow-Origin' header 401 when my front-end wants to retrieve data from the service. Because I'm using keycloak-spring-boot-adapter the configuration has to be done in the application.properties. I added these lines: keycloak.cors = true keycloak.cors-max-age = 1000 keycloak.cors-allowed-methods = POST, PUT, DELETE, GET These didn't give an error. (keycloak.enable-cors = true did). Still, I get a 401 with a No 'Access-Control-Allow-Origin' error. I tried several versions of the keycloak-spring-boot-adapter as well as Spring Boot 1.4.1 (which actually resulted in an internal error as described here: http://stackoverflow.com/questions/39794779/how-do-i- configure-the-spring-boot-quickstart-for-keycloak). I tried disabling the Spring Boot CORS configuration. I also tried to minimize the lines in my application.properties and only adding keycloak.cors = true for CORS configuration. All didn't work. I'm just starting out with Keycloak so I don't know if I'm missing something or that I actually stumbled upon a bug. Is there anyone who might be able to help me? Kind regards, Björn _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user