2

We have an MVC5-application that uses ADFS 3.0 for authentication. We are using ajax a lot, and when the token times out, the client is likely to attempt to retrieve a new one via ajax (through a redirect, the normal way) .

When this happens the browser refuses because "No 'Access-Control-Allow-Origin' header is present on the requested resource.".

As I understand, this is because the browser does not wish to allow cross-domain requests via JavaScript.

What are my options to circumvent this? Can I change the header of the responses from ADFS to allow cross-domain ajax requests, or do I need to somehow catch this exception on the client side and do a full redirect in order to obtain a new token? If so, how would I go about this?

severin
  • 5,203
  • 9
  • 35
  • 48
  • I had same issue. Have you get anything working so far? – user1220402 Nov 10 '14 at 05:05
  • No, I haven't had the time to look at it yet, but I've been told [some of these answers](http://stackoverflow.com/questions/7746222/ad-fs-2-0-authentication-and-ajax) should point me in the right direction – severin Nov 10 '14 at 08:21

0 Answers0