Web page fetch request causing CORS Error when session expired on RHBK

Solution Verified - Updated -

Issue

  • When session expired, RHBK can not redirect to login page, the error log in browser console indicate the fetch request was failured due to CORS issue:
Access to fetch at 'http://xxx.yyy.com:4580/auth/realms/zzzGroup/protocol/openid-connect/auth?response_type=code&client_id=it-ipms&redirect_uri=http%3A%2F%2Fdn2xxx.zzz.com%3A7601%2FIPMS%2Fmmm&state=9bd902b1-0c30-4d46-b523-38d12986cb76&login=true&scope=openid' (redirected from 'http://xxx.yyy.com:7601/nnn/mmm') from origin 'http://xxx.yyy.com:7601' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
  • Although configured the CORS in the client adapter, this error still exists.

Environment

  • Red Hat build of Keycloak 22+
  • Red Hat build of Keycloak Java adapters

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content