Hi,
I have a tomcat 7 running with two web applications deployed , called ROOT and web client.
I created a realm in keycloak and two applications. Configures tomcat with the correct
json files. When I log in in Root it works fine, when I login in web client it works fine.
But the following is the case. Both application are not owned by my , so I can not change
the code. I login in ROOT, this application connects to web client through a rest call,
this restcall results in a redirect to keycloak because I’m not logged in. the result of
this is :
XMLHttpRequest cannot load
https://keycloak-accdev.planoncloud.com/auth/realms/auth/protocol/openid-....
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'https://auth-proddev.planoncloud.com' is therefore not allowed access.
I know that this has something todo with CORS, so I added the settings:
"enable-cors" : true,
"cors-max-age" : 1000,
"cors-allowed-methods" : "POST, PUT, DELETE, GET”,
To the json file. And added the keycloak url to web origin of both apps in the keycloak
manager, but still I got the same result. What do I do wrong? Please advice.
Henk