[Apiman-user] CORS
Marc Savy
marc.savy at redhat.com
Tue Aug 18 09:46:56 EDT 2015
My pleasure! Did it work?
On 17/08/2015 16:38, Fadi Abdin wrote:
> cool .. you're the man ;)
>
>
> On Mon, Aug 17, 2015 at 11:37 AM, Marc Savy <marc.savy at redhat.com
> <mailto:marc.savy at redhat.com>> wrote:
>
> I'm actually testing the fix right now. It will land both on the 1.2.x
> branch and the 1.1.x branch shortly. You should be able to test it out
> in a short while: I'll send you an email when it's available.
>
> On 17/08/2015 16:23, Fadi Abdin wrote:
>
> Thank you Marc,
> Is there a work around that you can think of ?
> I'm doing it with angularjs , very simple
>
> $http({method: 'GET', url: 'http://server/apiman-gateway/service',
> headers: {
> 'Authorization': 'Bearer XXXXXXXXXXXXX'}
> });
>
> I assume you will fix it in the new version , right?
>
>
>
> On Mon, Aug 17, 2015 at 10:52 AM, Marc Savy
> <marc.savy at redhat.com <mailto:marc.savy at redhat.com>
> <mailto:marc.savy at redhat.com <mailto:marc.savy at redhat.com>>> wrote:
>
> Hi,
>
> This is related to the JIRA I linked you to
> (https://issues.jboss.org/browse/APIMAN-516). Because of
> the way the
> policy chain currently works the behaviour of CORS is
> invalid in a
> few very specific cases (e.g. when you stack it with an auth
> policy). I'll let you know when it's fixed.
>
> Regards,
> Marc
>
> On 17/08/2015 15:44, Fadi Abdin wrote:
>
> I have a problem in calling a service in apiman-gateway
> with the
> Authorization: Bearer <token> in the header.
>
> It seems to preflight OPTIONS and return
>
> 1.
> X-Policy-Failure-Message:
> OAuth2 'Authorization' header or 'access_token' query
> parameter must
> be provided.
>
> I am sending the bearer token with the request and i
> make sure
> in the
> preflight its sent in the request.
>
> 1.
> Access-Control-Request-Headers:
> accept, authorization
>
> Does anyone know if there Is something i'm missing ?
> do i need
> to get
> authorization enabled or added anywhere ? as a side
> note i have
> below in
> my api as well:
>
> response.setHeader("Access-Control-Allow-Headers",
> "Authorization");
>
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
> <mailto:Apiman-user at lists.jboss.org
> <mailto:Apiman-user at lists.jboss.org>>
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
>
>
>
>
More information about the Apiman-user
mailing list