Keycloak & Spring Boot Disable CORS

Buğra
Dec 15, 2020

--

It took me a while to achieve this, I think someone will need it

@KeycloakConfiguration
class SecurityConfig extends KeycloakWebSecurityConfigurerAdapter {
@Bean
public FilterRegistrationBean corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration().applyPermitDefaultValues();
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);

http.addFilter(corsFilter().getFilter())...
.anyRequest().authenticated()
}}

--

--