Details
- Bug
- Resolution: Done
- Major
- 1.5.0.Final
- None
Description
I’m integrating a web application using angularjs 1.4.6 and keycloak 1.5.0.
The application and keycloak app-servers are on different ports.
The application works ok when the session is not expired.
After session expiration keycloak.updateToken() fails with
400 Bad Request. Chrome shows the following in the console:
XMLHttpRequest cannot load http://localhost:8080/auth/realms/demo/protocol/openid-connect/token. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9080' is therefore not allowed access. The response had HTTP status code 400.
The behavior is the same with Safari and Firefox.
This is keycloak response when session is alive:
--> HTTP/1.1 200 OK
X-Powered-By: Undertow/1
Server: WildFly/9
Access-Control-Expose-Headers: Access-Control-Allow-Methods
Date: Tue, 29 Sep 2015 04:54:52 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://localhost:9080
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Content-Type: application/json
And this one with session expired:
--> HTTP/1.1 400 Bad Request
Connection: keep-alive
X-Powered-By: Undertow/1
Server: WildFly/9
Transfer-Encoding: chunked
Content-Type: application/json
Date: Tue, 29 Sep 2015 04:55:03 GMT
Issue Links
- is duplicated by
  - KEYCLOAK-2357 Error results from keycloak lack CORS headers, hiding the root cause
  - Closed
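The following is an added example, not part of the original report and not Keycloak code. It applies the browser's CORS response check to the two captured responses, showing why the page script never sees the 400. The function names are hypothetical, the sample strings are constructed from the headers quoted in the description, and the `withCredentials` flag is an assumption about how the request is sent.

```javascript
// Constructed from the two responses captured in the report (headers abridged).
const OK_RESPONSE = [
  "HTTP/1.1 200 OK",
  "Access-Control-Expose-Headers: Access-Control-Allow-Methods",
  "Access-Control-Allow-Origin: http://localhost:9080",
  "Access-Control-Allow-Credentials: true",
  "Content-Type: application/json",
].join("\r\n");

const EXPIRED_RESPONSE = [
  "HTTP/1.1 400 Bad Request",
  "Connection: keep-alive",
  "Content-Type: application/json",
].join("\r\n");

// Parse a raw status line plus header block into { status, headers }.
function parseResponseHead(raw) {
  const lines = raw.split(/\r?\n/).filter((l) => l.trim() !== "");
  const m = /^HTTP\/\d(?:\.\d)?\s+(\d{3})/.exec(lines[0] || "");
  if (!m) throw new Error("not an HTTP status line: " + lines[0]);
  const headers = new Map();
  for (const line of lines.slice(1)) {
    const i = line.indexOf(":");
    if (i < 1) continue; // skip malformed header lines
    headers.set(line.slice(0, i).trim().toLowerCase(), line.slice(i + 1).trim());
  }
  return { status: Number(m[1]), headers };
}

// Apply the browser's CORS check to a response for a request from `origin`.
function corsVerdict(raw, origin, withCredentials) {
  const { status, headers } = parseResponseHead(raw);
  const allowOrigin = headers.get("access-control-allow-origin");
  let reason = null;
  if (allowOrigin === undefined) {
    reason = "no Access-Control-Allow-Origin header";
  } else if (withCredentials && allowOrigin === "*") {
    reason = "wildcard origin not allowed with credentials";
  } else if (allowOrigin !== "*" && allowOrigin !== origin) {
    reason = "Access-Control-Allow-Origin does not match " + origin;
  } else if (withCredentials && headers.get("access-control-allow-credentials") !== "true") {
    reason = "Access-Control-Allow-Credentials is not true";
  }
  // On failure the script gets only a network error: status and body are hidden.
  return { status, readable: reason === null, reason };
}
```

Running `corsVerdict` over every status an endpoint can return, error paths included, is a simple regression check that CORS headers are applied before error handling rather than only on success.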