[Apiman-user] CORS

Marc Savy marc.savy at redhat.com
Mon Aug 17 11:37:17 EDT 2015 

I'm actually testing the fix right now. It will land both on the 1.2.x
branch and the 1.1.x branch shortly. You should be able to test it out
in a short while: I'll send you an email when it's available.

On 17/08/2015 16:23, Fadi Abdin wrote:
> Thank you Marc,
> Is there a work around that you can think of ?
> I'm doing it with angularjs  , very simple
>
> $http({method: 'GET', url: 'http://server/apiman-gateway/service',
> headers: {
>      'Authorization': 'Bearer XXXXXXXXXXXXX'}
> });
>
> I assume you will fix it in the new version , right?
>
>
>
> On Mon, Aug 17, 2015 at 10:52 AM, Marc Savy <marc.savy at redhat.com
> <mailto:marc.savy at redhat.com>> wrote:
>
>     Hi,
>
>     This is related to the JIRA I linked you to
>     (https://issues.jboss.org/browse/APIMAN-516). Because of the way the
>     policy chain currently works the behaviour of CORS is invalid in a
>     few very specific cases (e.g. when you stack it with an auth
>     policy). I'll let you know when it's fixed.
>
>     Regards,
>     Marc
>
>     On 17/08/2015 15:44, Fadi Abdin wrote:
>
>         I have a problem in calling a service in apiman-gateway with the
>         Authorization: Bearer <token> in the header.
>
>         It seems to preflight OPTIONS and return
>
>           1.
>              X-Policy-Failure-Message:
>              OAuth2 'Authorization' header or 'access_token' query
>         parameter must
>              be provided.
>
>         I am sending the bearer token with the request and i make sure
>         in the
>         preflight its sent in the request.
>
>           1.
>              Access-Control-Request-Headers:
>              accept, authorization
>
>         Does anyone know if there Is something i'm missing ?  do i need
>         to get
>         authorization enabled or added anywhere ? as a side note i have
>         below in
>         my api as well:
>
>         response.setHeader("Access-Control-Allow-Headers", "Authorization");
>
>
>         _______________________________________________
>         Apiman-user mailing list
>         Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
>         https://lists.jboss.org/mailman/listinfo/apiman-user
>
>
>

More information about the Apiman-user mailing list