[keycloak-user] SOLVED ! -> OPTIONS 401 - CORS problem
java_os
java at neposoft.com
Sat Feb 11 08:44:49 EST 2017
But it's not working for IE11 - XMLHttpRequest: Network Error 0x80070005,
Access is denied.
Anyone any tips on this?
Chrome/Firefox work
Thanks
> I solved it - all through Spring Security Config in boot. I had to remove
> http.anonymous().disable()
> then I had to allow OPTIONS on :
> http.authorizeRequests()
> .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
> making sure we're not handle OPTIONS on any rest points I guess should be
> safe enough.
> Other than that , cross domain rest calls work now.
> Hopefully this will help anyone hitting this issue.
>
>
>> Group
>>
>> I have an angular spa deployed on host A - apache httpd (static content)
>> making REST api calls into a spring-boot
>> hosted by host B. The 2 servers are different domains.
>> Spa is protected by Keycloak.js. Am able to bring in the index. When I
>> click on a rest call,
>> browser sends over first OPTIONS request to make sure server B is ready
>> to
>> accept since it is an XHR cross domain call.
>> But the problem is that OPTIONS is being sent without Authorization:
>> Bearer 'token' and so the rest webserver rejects the call
>> with 401 -Unauthorized. Each REST call from the SPA to the cross domain
>> REST is rejected.
>> Am I the first one to hit this?
>> I saw people solving this with regular un-secured apps, but in my case
>> Keycloak using spring-security rejects it.
>> Anyone in the group can help me - anyone has deployed the client and
>> server (being bearer keycloak protected) and solved
>> this problem.
>> Have tried various things inside spring-boot to allow options/cors, etc
>> -
>> none worked.
>>
>> Thank you for help.
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>
>
More information about the keycloak-user
mailing list