[Apiman-user] HTTP Methods
Marc Savy
marc.savy at redhat.com
Wed Sep 9 14:02:13 EDT 2015
1.2.0-SNAPSHOT plugins I mean (i.e. master of apiman/apiman-plugins)
On 09/09/2015 19:01, Marc Savy wrote:
> It should be in 1.1.7.Final plugins :(.
>
> Please try 1.2.0-SNAPSHOT - it should still work just fine with 1.1.x
>
> On 09/09/2015 18:57, Fadi Abdin wrote:
> > I'm running 1.1.x with version 1.1.8-SNAPSHOT and the plugins are
> > 1.1.7.Final
> >
> >
> >
> > On Wed, Sep 9, 2015 at 1:53 PM, Marc Savy <marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>> wrote:
> >
> > It seems to work for me on 1.2.0-SNAPSHOT for me. Maybe you're
> > picking up an old version of the plugin somehow? :-(
> >
> > Is there any chance you can provide a reproducer script? Use
> > something else other than the OAuth2 policy
> >
> > So have something like:
> >
> > CORS -> Rate Limiting Policy
> >
> > Then your script would be something that accesses that backend
> > service using a POST request, and hopefully it'll reveal the issue
> > (can just be a curl command with all the appropriate headers set).
> >
> >
> >
> >
> >
> > On 09/09/2015 18:41, Fadi Abdin wrote:
> >
> > The problem is that CORS wont work for other than GET , i tried
> > POST,PUT,DELETE , all fail
> >
> > Thanks for looking into it.
> >
> >
> > On Wed, Sep 9, 2015 at 1:35 PM, Marc Savy <marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>
> > <mailto:marc.savy at redhat.com <mailto:marc.savy at redhat.com>>>
> > wrote:
> >
> > I'll try to check it out - I thought this was the problem
> > already
> > fixed. Will attempt to verify and get back to you.
> >
> > On 09/09/2015 18:32, Fadi Abdin wrote:
> >
> > Hey Marc ,
> >
> > There is still a problem. I just installed the latest
> > version
> > and tried
> > a POST , the preflight passes but the acual post failes
> > .. check
> > this
> >
> > Pre-Flight :
> > https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82
> > Post :
> > https://gist.github.com/fadiabdeen/6990954142c936e3c54a
> >
> >
> >
> >
> >
> > On Sat, Sep 5, 2015 at 7:29 AM, Fadi Abdin
> > <fadiabdeen at gmail.com <mailto:fadiabdeen at gmail.com>
> > <mailto:fadiabdeen at gmail.com
> > <mailto:fadiabdeen at gmail.com>>
> > <mailto:fadiabdeen at gmail.com
> > <mailto:fadiabdeen at gmail.com> <mailto:fadiabdeen at gmail.com
> > <mailto:fadiabdeen at gmail.com>>>> wrote:
> >
> > Hey Marc,
> >
> > Thanks for asking.. I did not try updating the new
> > version
> > to get
> > other the GET to work.
> >
> > Otherwise everything was perfect until Friday. and
> > all the
> > sudden
> > some services start giving 500 when calling them
> > (only in
> > one of the
> > environments setup). then i tried duplicating
> > the the
> > service and
> > pumpup the version and it worked .. that was
> > weird. but the
> > cors
> > didnt work. I did not fully invistigate whats
> > going on but
> > i was
> > ready to send you an email explaining what
> > happened after
> > collecting
> > more information. i'm not sure why i keep having
> > some
> > issues like
> > this . but if i got a chance this weekend i might
> > send you
> > details.
> >
> > Thanks,
> > Fadi
> >
> >
> > On Sat, Sep 5, 2015 at 7:20 AM, Marc Savy
> > <msavy at redhat.com <mailto:msavy at redhat.com>
> > <mailto:msavy at redhat.com <mailto:msavy at redhat.com>>
> > <mailto:msavy at redhat.com <mailto:msavy at redhat.com>
> > <mailto:msavy at redhat.com <mailto:msavy at redhat.com>>>> wrote:
> >
> > Fadi - Is this all working as expected?
> >
> > ----- Original Message -----
> > From: "Marc Savy" <marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>
> > <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>>
> > <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>
> > <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>>>>
> > To: "Fadi Abdin" <fadiabdeen at gmail.com
> > <mailto:fadiabdeen at gmail.com>
> > <mailto:fadiabdeen at gmail.com
> > <mailto:fadiabdeen at gmail.com>>
> > <mailto:fadiabdeen at gmail.com
> > <mailto:fadiabdeen at gmail.com>
> > <mailto:fadiabdeen at gmail.com
> > <mailto:fadiabdeen at gmail.com>>>>
> > Cc: "apiman-user" <apiman-user at lists.jboss.org
> > <mailto:apiman-user at lists.jboss.org>
> > <mailto:apiman-user at lists.jboss.org
> > <mailto:apiman-user at lists.jboss.org>>
> > <mailto:apiman-user at lists.jboss.org
> > <mailto:apiman-user at lists.jboss.org>
> >
> > <mailto:apiman-user at lists.jboss.org
> > <mailto:apiman-user at lists.jboss.org>>>>
> > Sent: Friday, 28 August, 2015 1:42:25 PM
> > Subject: Re: [Apiman-user] HTTP Methods
> >
> > Should be 'apiman-plugins-cors-policy' ;
> > repo is
> > 'apiman-plugins'
> >
> > On 28/08/2015 13:40, Fadi Abdin wrote:
> > > latest of cors-policy-plugin?
> > >
> > > On Fri, Aug 28, 2015 at 5:53 AM, Marc Savy
> > <marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com> <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>>
> > <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com> <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>>>
> > > <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>
> > <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>> <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>
> > <mailto:marc.savy at redhat.com
> > <mailto:marc.savy at redhat.com>>>>>
> >
> > wrote:
> > >
> > > I think there may have been some
> > overzealous error
> > detection going
> > > on. Please try out the latest
> > master/1.1.x.
> > >
> > >
> > > On 27/08/2015 20:02, Eric Wittmann
> > wrote:
> > >
> > > Hi Fadi.
> > >
> > > It's possible this is a bug in
> > the CORS
> > policy or a
> > > mis-configuration.
> > > Hopefully Marc can respond shortly.
> > >
> > > One thing I'll say is that you
> > *probably*
> > don't need
> > to include
> > > "OPTIONS" as one of the allowed
> > CORS methods.
> > >
> > > -Eric
> > >
> > > On 8/27/2015 2:48 PM, Fadi Abdin
> > wrote:
> > > > Hey Eric / Marc,
> > > >
> > > > Everything going good so far
> > with the
> > CORS fix but
> > guessing
> > > there is
> > > > something still, or maybe i'm
> > doing something
> > wrong ( it
> > > always happened
> > > > to me ).
> > > >
> > > > I have setup my CORS Policy in
> > API Man
> > and included
> > > > "Access-Control-Allow-Methods" :
> > >
> > "OPTIONS","GET","POST","DELETE",'PUT".
> > > >
> > > > But i get a 403 and "CORS:
> > Invalid preflight
> > request; must
> > > use OPTIONS
> > > > verb." on ANY service that is
> > not GET.
> > > >
> > > > OPTIONS Header :
> > > >
> > > > 1.
> > > > Remote Address:
> > > > 172.26.209.66:443
> > <http://172.26.209.66:443>
> > <http://172.26.209.66:443> <http://172.26.209.66:443>
> > <http://172.26.209.66:443>
> > > <http://172.26.209.66:443>
> > > > 2.
> > > > Request URL:
> > > >
> > >
> >
> > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
> >
> > > > 3.
> > > > Request Method:
> > > > OPTIONS
> > > > 4.
> > > > Status Code:
> > > > 200 OK
> > > > 1. Response Headersview source
> > > > 1.
> > > >
> > Access-Control-Allow-Headers:
> > > > Accept,
> > Authorization, Head
> > > > 2.
> > > >
> > Access-Control-Allow-Methods:
> > > > OPTIONS, GET, POST,
> > DELETE, PUT
> > > > 3.
> > > >
> > Access-Control-Allow-Origin:
> > > > http://localhost:8383
> > > > 4.
> > > > Access-Control-Max-Age:
> > > > 0
> > > > 5.
> > > > Connection:
> > > > keep-alive
> > > > 6.
> > > > Date:
> > > > Thu, 27 Aug 2015
> > 18:44:39 GMT
> > > > 7.
> > > > Server:
> > > > WildFly/8
> > > > 8.
> > > > Transfer-Encoding:
> > > > chunked
> > > > 9.
> > > > X-Powered-By:
> > > > Undertow/1
> > > > 2. Request Headersview source
> > > > 1.
> > > > Accept:
> > > > */*
> > > > 2.
> > > > Accept-Encoding:
> > > > gzip, deflate, sdch
> > > > 3.
> > > > Accept-Language:
> > > > en-US,en;q=0.8,ar;q=0.6
> > > > 4.
> > > >
> > Access-Control-Request-Headers:
> > > > accept, authorization
> > > > 5.
> > > >
> > Access-Control-Request-Method:
> > > > POST
> > > > 6.
> > > > Cache-Control:
> > > > no-cache
> > > > 7.
> > > > Connection:
> > > > keep-alive
> > > > 8.
> > > > Host:
> > > >
> > dev-internal-api.expdev.local
> > > > 9.
> > > > Origin:
> > > > http://localhost:8383
> > > > 10.
> > > > Pragma:
> > > > no-cache
> > > > 11.
> > > > Referer:
> > > >
> > >
> >
> > http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s-3ETKBuI7hyPFy6mRs3hMy4.677e4cee-3dd7-4d19-9268-5045d171327
> >
> > > >
> > > >
> > > >
> > > >
> > > > POST HEADER
> > > >
> > > > 1.
> > > > Remote Address:
> > > > 172.26.209.66:443
> > <http://172.26.209.66:443>
> > <http://172.26.209.66:443> <http://172.26.209.66:443>
> > <http://172.26.209.66:443>
> > > <http://172.26.209.66:443>
> > > > 2.
> > > > Request URL:
> > > >
> > >
> >
> > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/1.0/test/methods/post
> >
> > > > 3.
> > > > Request Method:
> > > > POST
> > > > 4.
> > > > Status Code:
> > > > 403 Forbidden
> > > > 1. Response Headersview
> > source
> > > > 1.
> > > >
> > Access-Control-Allow-Origin:
> > > > http://localhost:8383
> > > > 2.
> > > > Connection:
> > > > keep-alive
> > > > 3.
> > > > Content-Length:
> > > > 195
> > > > 4.
> > > > Content-Type:
> > > > application/json
> > > > 5.
> > > > Date:
> > > > Thu, 27 Aug 2015
> > 18:44:39 GMT
> > > > 6.
> > > > Server:
> > > > WildFly/8
> > > > 7.
> > > >
> > X-Policy-Failure-Code:
> > > > 400
> > > > 8.
> > > >
> > X-Policy-Failure-Message:
> > > > CORS: Invalid
> > preflight
> > request; must use
> > > OPTIONS verb.
> > > > 9.
> > > >
> > X-Policy-Failure-Type:
> > > > Authorization
> > > > 10.
> > > > X-Powered-By:
> > > > Undertow/1
> > > > 2. Request Headersview
> > source
> > > > 1.
> > > > Accept:
> > > > application/json,
> > text/plain, */*
> > > > 2.
> > > > Accept-Encoding:
> > > > gzip, deflate
> > > > 3.
> > > > Accept-Language:
> > > >
> > en-US,en;q=0.8,ar;q=0.6
> > > > 4.
> > > > Authorization:
> > > > Bearer
> > > >
> > >
> >
> >
> >
> > eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ
> >
> > > > 5.
> > > > Cache-Control:
> > > > no-cache
> > > > 6.
> > > > Connection:
> > > > keep-alive
> > > > 7.
> > > > Content-Length:
> > > > 0
> > > > 8.
> > > > Host:
> > > >
> > dev-internal-api.expdev.local
> > > > 9.
> > > > Origin:
> > > > http://localhost:8383
> > > > 10.
> > > > Pragma:
> > > > no-cache
> > > > 11.
> > > >
> > > > 12.
> > > >
> > > >
> > > >
> > > >
> > > >
> > _______________________________________________
> > > > Apiman-user mailing list
> > > > Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>>>
> > > >
> > https://lists.jboss.org/mailman/listinfo/apiman-user
> > > >
> > >
> > _______________________________________________
> > > Apiman-user mailing list
> > > Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>>>
> > >
> > https://lists.jboss.org/mailman/listinfo/apiman-user
> > >
> > >
> > >
> >
> > _______________________________________________
> > Apiman-user mailing list
> > Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>
> > <mailto:Apiman-user at lists.jboss.org
> > <mailto:Apiman-user at lists.jboss.org>>>
> > https://lists.jboss.org/mailman/listinfo/apiman-user
> >
> >
> >
> >
> >
> >
> >
>
More information about the Apiman-user
mailing list