[keycloak-user] Error when session expired and ajax request execute in Keycloak?

Stian Thorgersen sthorger at redhat.com
Mon Jan 9 07:51:25 EST 2017


[Adding list back]

A web app redirects the user to a login page if not authenticated, while a
service should return a 401.

It sounds like what you have is a JS application with a service backend. In
Keycloak you should have two separate types of clients for that. The JS
application should be a public client, while the services a bearer-only
client.

On 9 January 2017 at 13:39, Adam Daduev <daduev.ad at gmail.com> wrote:

> Thanks for the answer.
> Yes i have confidential client, i have web application, that asks Keycloak server
> to authenticate a user for them. As I understand, bearer-only is for web
> services clients.
> I probably something do not understand?
>
> 2017-01-09 11:44 GMT+02:00 Stian Thorgersen <sthorger at redhat.com>:
>
>> Looks like your services are configured as confidential clients rather
>> than bearer-only and hence is sending a login request back rather than a
>> 401. You should either swap your service war to be a bearer-only client or
>> use the new autodetect-bearer-only option in adapters if you have both web
>> pages and services in the same war.
>>
>> On 8 January 2017 at 23:29, Adam Daduev <daduev.ad at gmail.com> wrote:
>>
>>> Hi, can you help me!
>>> When session expired and ajax request execute in Keycloak, i have error
>>> in
>>> browser console:
>>>
>>> XMLHttpRequest cannot load http://dc09-apps-06:8090/auth/
>>> realms/azovstal/protocol/openid-connect/auth?…ml&state=
>>> 60%2F01fc2e79-6fc0-46b8-9f83-39b7421fedf9&login=true&scope=openid. No
>>> 'Access-Control-Allow-Origin' header is present on the requested
>>> resource.
>>> Origin 'http://localhost:8080' is therefore not allowed access.
>>>
>>> I add in Keycloak admin console, in the client setting, Web Origins=
>>> http://localhost:8080 (or *), and enabled cors in app, but still has
>>> error
>>> in console. I used Keycloak 2.5.0
>>> _______________________________________________
>>> keycloak-user mailing list
>>> keycloak-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>


More information about the keycloak-user mailing list