[Apiman-user] Plugins
Fadi Abdin
fadiabdeen at gmail.com
Thu Aug 20 15:53:17 EDT 2015
I got it . then maybe this is not something i want to do now.
The only reason i was thinking about using plans , is because i have
multiple services and i dont want to setup policies for each one of them .
If i remember correctly, If i setup an application then the URL will change
, which i dont need to.
I only want services to be secured with the same set of policies. any
thoughts ?
On Thu, Aug 20, 2015 at 3:34 PM, Eric Wittmann <eric.wittmann at redhat.com>
wrote:
> Also I should point out that you can only use plans if you also create at
> least one application (so that you can create a contract between the
> application and the service). Plans don't make sense without an
> application, because without an API Key we won't know which plan is in use
> for a particular request.
>
> -Eric
>
>
> On 8/20/2015 2:22 PM, Fadi Abdin wrote:
>
>> I think i'm good now .. I was able to make a test service and passes
>>
>> but i think i found bug .. If i created a plan and set it up with same
>> policies i setup directly into the service with cors and keycloak , the
>> service that with the plan by passes keycloak and let me in even with
>> the browser directly . but the service setup with policies directly
>> inside it displays "OAuth2 'Authorization' header or 'access_token'
>> query parameter must be provided." .. which is correct .
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20150820/4e152889/attachment-0001.html
More information about the Apiman-user
mailing list