<div dir="ltr">Hey Christos <div><br></div><div>I've seen a few of these and perhaps all. I'm currently working on extracting the webapp into a separate project/modules named contacts-mobile-webapp. The webapp in that module was extracted from contacts-mobile-picketlink-secured and I've made some modifications.</div>
<div><br></div><div>For the logout issue I had to add the following:</div><div><a href="https://github.com/danbev/jboss-wfk-quickstarts/commit/d097ddf5c7385cf7ff8e7b003305ddb743d7fb2b#diff-e084cf285ab2733dcd0478559aa4aa40R164">https://github.com/danbev/jboss-wfk-quickstarts/commit/d097ddf5c7385cf7ff8e7b003305ddb743d7fb2b#diff-e084cf285ab2733dcd0478559aa4aa40R164</a><br>
</div><div>This was to make the CORSFilter happy or it would consider the request invalid. </div><div><br></div><div>I've also seen the 403 Forbidden messages but I'm no longer able to reproduce them. I'll take another look at this though.</div>
<div><br></div><div>[1] <a href="https://github.com/danbev/jboss-wfk-quickstarts/tree/push-proxy-quickstart">https://github.com/danbev/jboss-wfk-quickstarts/tree/push-proxy-quickstart</a></div></div><div class="gmail_extra">
<br><br><div class="gmail_quote">On 26 May 2014 11:29, Christos Vasilakis <span dir="ltr"><<a href="mailto:cvasilak@gmail.com" target="_blank">cvasilak@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi all,<br>
<br>
during the development of the iOS contacts client [1] , came across the following issues on the web interface. (Note: I am using edewit [2] branch that contains the Push functionality).<br>
<br>
a) Login with “duke:duke" (role.MAINTAINER) and try to edit(PUT) an existing contact you get back a 403-Forbidden message.<br>
b) Login with “admin:admin (role.ADMIN) and try to delete(DELETE) an existing contact you get back a 403-Forbidden message.<br>
<br>
Interestingly enough, on the iOS client using the same credentials in the above scenarios, they work correctly.. so possible(?) there are some issues on the web interface.<br>
<br>
c) Logout on the web interface gives back a “Forbidden” message.<br>
<br>
Tested on both wildfly-8.1.0.CR1 / CR2 and JBoss- EAP-6.2<br>
<br>
Let me know if these are currently worked on or you want me to create JIRA’s.<br>
<br>
Thanks,<br>
Christos<br>
<br>
<br>
[1] <a href="https://github.com/aerogear/aerogear-push-quickstarts/pull/3" target="_blank">https://github.com/aerogear/aerogear-push-quickstarts/pull/3</a><br>
[2] <a href="https://github.com/edewit/jboss-wfk-quickstarts/tree/push/contacts-mobile-picketlink-secured" target="_blank">https://github.com/edewit/jboss-wfk-quickstarts/tree/push/contacts-mobile-picketlink-secured</a><br>
<div class="HOEnZb"><div class="h5">_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</div></div></blockquote></div><br></div>