[Apiman-user] HTTP Methods

Fadi Abdin fadiabdeen at gmail.com
Wed Sep 9 13:32:49 EDT 2015


Hey Marc ,

There is still a problem. I just installed the latest version and tried a
POST , the preflight passes but the acual post failes .. check this

Pre-Flight : https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82
Post : https://gist.github.com/fadiabdeen/6990954142c936e3c54a





On Sat, Sep 5, 2015 at 7:29 AM, Fadi Abdin <fadiabdeen at gmail.com> wrote:

> Hey Marc,
>
> Thanks for asking.. I did not try updating the new version to get other
> the GET to work.
>
> Otherwise everything was perfect until Friday. and all the sudden some
> services start giving 500 when calling them (only in one of the
> environments setup). then i tried duplicating the the service and pumpup
> the version and it worked .. that was weird. but the cors didnt work. I did
> not fully invistigate whats going on but i was ready to send you an email
> explaining what happened after collecting more information. i'm not sure
> why i keep having some issues like this . but if i got a chance this
> weekend i might send you details.
>
> Thanks,
> Fadi
>
>
> On Sat, Sep 5, 2015 at 7:20 AM, Marc Savy <msavy at redhat.com> wrote:
>
>> Fadi - Is this all working as expected?
>>
>> ----- Original Message -----
>> From: "Marc Savy" <marc.savy at redhat.com>
>> To: "Fadi Abdin" <fadiabdeen at gmail.com>
>> Cc: "apiman-user" <apiman-user at lists.jboss.org>
>> Sent: Friday, 28 August, 2015 1:42:25 PM
>> Subject: Re: [Apiman-user] HTTP Methods
>>
>> Should be 'apiman-plugins-cors-policy' ; repo is 'apiman-plugins'
>>
>> On 28/08/2015 13:40, Fadi Abdin wrote:
>> > latest of cors-policy-plugin?
>> >
>> > On Fri, Aug 28, 2015 at 5:53 AM, Marc Savy <marc.savy at redhat.com
>> > <mailto:marc.savy at redhat.com>> wrote:
>> >
>> >     I think there may have been some overzealous error detection going
>> >     on. Please try out the latest master/1.1.x.
>> >
>> >
>> >     On 27/08/2015 20:02, Eric Wittmann wrote:
>> >
>> >         Hi Fadi.
>> >
>> >         It's possible this is a bug in the CORS policy or a
>> >         mis-configuration.
>> >         Hopefully Marc can respond shortly.
>> >
>> >         One thing I'll say is that you *probably* don't need to include
>> >         "OPTIONS" as one of the allowed CORS methods.
>> >
>> >         -Eric
>> >
>> >         On 8/27/2015 2:48 PM, Fadi Abdin wrote:
>> >          > Hey Eric / Marc,
>> >          >
>> >          > Everything going good so far with the CORS fix but guessing
>> >         there is
>> >          > something still, or maybe i'm doing something wrong ( it
>> >         always happened
>> >          > to me ).
>> >          >
>> >          > I have setup my CORS Policy in API Man and included
>> >          > "Access-Control-Allow-Methods" :
>> >         "OPTIONS","GET","POST","DELETE",'PUT".
>> >          >
>> >          > But i get a 403 and "CORS: Invalid preflight request; must
>> >         use OPTIONS
>> >          > verb." on ANY service that is not GET.
>> >          >
>> >          > OPTIONS Header :
>> >          >
>> >          >       1.
>> >          >          Remote Address:
>> >          > 172.26.209.66:443 <http://172.26.209.66:443>
>> >         <http://172.26.209.66:443>
>> >          >       2.
>> >          >          Request URL:
>> >          >
>> >
>> https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
>> >          >       3.
>> >          >          Request Method:
>> >          >          OPTIONS
>> >          >       4.
>> >          >          Status Code:
>> >          >          200 OK
>> >          >   1. Response Headersview source
>> >          >       1.
>> >          >          Access-Control-Allow-Headers:
>> >          >          Accept, Authorization, Head
>> >          >       2.
>> >          >          Access-Control-Allow-Methods:
>> >          >          OPTIONS, GET, POST, DELETE, PUT
>> >          >       3.
>> >          >          Access-Control-Allow-Origin:
>> >          > http://localhost:8383
>> >          >       4.
>> >          >          Access-Control-Max-Age:
>> >          >          0
>> >          >       5.
>> >          >          Connection:
>> >          >          keep-alive
>> >          >       6.
>> >          >          Date:
>> >          >          Thu, 27 Aug 2015 18:44:39 GMT
>> >          >       7.
>> >          >          Server:
>> >          >          WildFly/8
>> >          >       8.
>> >          >          Transfer-Encoding:
>> >          >          chunked
>> >          >       9.
>> >          >          X-Powered-By:
>> >          >          Undertow/1
>> >          >   2. Request Headersview source
>> >          >       1.
>> >          >          Accept:
>> >          >          */*
>> >          >       2.
>> >          >          Accept-Encoding:
>> >          >          gzip, deflate, sdch
>> >          >       3.
>> >          >          Accept-Language:
>> >          >          en-US,en;q=0.8,ar;q=0.6
>> >          >       4.
>> >          >          Access-Control-Request-Headers:
>> >          >          accept, authorization
>> >          >       5.
>> >          >          Access-Control-Request-Method:
>> >          >          POST
>> >          >       6.
>> >          >          Cache-Control:
>> >          >          no-cache
>> >          >       7.
>> >          >          Connection:
>> >          >          keep-alive
>> >          >       8.
>> >          >          Host:
>> >          >          dev-internal-api.expdev.local
>> >          >       9.
>> >          >          Origin:
>> >          > http://localhost:8383
>> >          >      10.
>> >          >          Pragma:
>> >          >          no-cache
>> >          >      11.
>> >          >          Referer:
>> >          >
>> >
>> http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s-3ETKBuI7hyPFy6mRs3hMy4.677e4cee-3dd7-4d19-9268-5045d171327
>> >          >
>> >          >
>> >          >
>> >          >
>> >          > POST HEADER
>> >          >
>> >          >           1.
>> >          >              Remote Address:
>> >          > 172.26.209.66:443 <http://172.26.209.66:443>
>> >         <http://172.26.209.66:443>
>> >          >           2.
>> >          >              Request URL:
>> >          >
>> >
>> https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
>> >          >           3.
>> >          >              Request Method:
>> >          >              POST
>> >          >           4.
>> >          >              Status Code:
>> >          >              403 Forbidden
>> >          >       1. Response Headersview source
>> >          >           1.
>> >          >              Access-Control-Allow-Origin:
>> >          > http://localhost:8383
>> >          >           2.
>> >          >              Connection:
>> >          >              keep-alive
>> >          >           3.
>> >          >              Content-Length:
>> >          >              195
>> >          >           4.
>> >          >              Content-Type:
>> >          >              application/json
>> >          >           5.
>> >          >              Date:
>> >          >              Thu, 27 Aug 2015 18:44:39 GMT
>> >          >           6.
>> >          >              Server:
>> >          >              WildFly/8
>> >          >           7.
>> >          >              X-Policy-Failure-Code:
>> >          >              400
>> >          >           8.
>> >          >              X-Policy-Failure-Message:
>> >          >              CORS: Invalid preflight request; must use
>> >         OPTIONS verb.
>> >          >           9.
>> >          >              X-Policy-Failure-Type:
>> >          >              Authorization
>> >          >          10.
>> >          >              X-Powered-By:
>> >          >              Undertow/1
>> >          >       2. Request Headersview source
>> >          >           1.
>> >          >              Accept:
>> >          >              application/json, text/plain, */*
>> >          >           2.
>> >          >              Accept-Encoding:
>> >          >              gzip, deflate
>> >          >           3.
>> >          >              Accept-Language:
>> >          >              en-US,en;q=0.8,ar;q=0.6
>> >          >           4.
>> >          >              Authorization:
>> >          >              Bearer
>> >          >
>> >
>>  eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ
>> >          >           5.
>> >          >              Cache-Control:
>> >          >              no-cache
>> >          >           6.
>> >          >              Connection:
>> >          >              keep-alive
>> >          >           7.
>> >          >              Content-Length:
>> >          >              0
>> >          >           8.
>> >          >              Host:
>> >          >              dev-internal-api.expdev.local
>> >          >           9.
>> >          >              Origin:
>> >          > http://localhost:8383
>> >          >          10.
>> >          >              Pragma:
>> >          >              no-cache
>> >          >          11.
>> >          >
>> >          > 12.
>> >          >
>> >          >
>> >          >
>> >          >
>> >          > _______________________________________________
>> >          > Apiman-user mailing list
>> >          > Apiman-user at lists.jboss.org <mailto:
>> Apiman-user at lists.jboss.org>
>> >          > https://lists.jboss.org/mailman/listinfo/apiman-user
>> >          >
>> >         _______________________________________________
>> >         Apiman-user mailing list
>> >         Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org
>> >
>> >         https://lists.jboss.org/mailman/listinfo/apiman-user
>> >
>> >
>> >
>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20150909/53b340c0/attachment-0001.html 


More information about the Apiman-user mailing list