[Apiman-user] 401 on a CORS preflight request

Eric Wittmann eric.wittmann at redhat.com
Fri Jul 22 08:15:18 EDT 2016 

Thanks for the info.  You've hit a bug in apiman, unfortunately.  I have 
created a ticket for this bug here:

   https://issues.jboss.org/browse/APIMAN-1209

You can resolve (workaround) this issue locally (without rebuilding 
apiman) or you can wait for us to fix the bug and release a new version. 
  If you would like instructions on how to workaround the bug locally 
let me know.

-Eric

On 7/22/2016 7:55 AM, Jairo Junior wrote:
> EAP 7.0 + apiman 1.2.7 overlay, but I've also tried with docker image
> apiman/on-wildfly10:1.2.7.Final
>
> /apiman-gateway/org/service/1.0 with Keycloak OAuth Policy
>
> On Fri, Jul 22, 2016 at 8:29 AM Eric Wittmann <eric.wittmann at redhat.com
> <mailto:eric.wittmann at redhat.com>> wrote:
>
>     Apiman should allow OPTIONS requests without requiring authorization.
>     What is your setup/configuration (which app server, etc)?  Also what
>     apiman REST endpoints are you trying to access?
>
>     -Eric
>
>     On 7/22/2016 7:22 AM, Jairo Junior wrote:
>     > I've been trying to setup apiman + keycloak-oauth-plugin + keycloak +
>     > keycloak.js with a client-side angularjs app and a REST API. It's a
>     > scenario very similar to
>     >
>     https://github.com/keycloak/keycloak/tree/master/examples/demo-template/angular-product-app,
>     > but with apiman and CORS.
>     >
>     > My test are going well with curl, but using my javascript app the
>     > browser it is performing a CORS preflight OPTIONS request without
>     > authorization header.
>     >
>     > OPTIONS request works well with authorization header using curl,
>     > therefore, I'm not sure whether the browser should include
>     authorization
>     > header or apiman should allows CORS preflight requests (OPTIONS)
>     without
>     > authorization header.
>     >
>     >
>     > _______________________________________________
>     > Apiman-user mailing list
>     > Apiman-user at lists.jboss.org <mailto:Apiman-user at lists.jboss.org>
>     > https://lists.jboss.org/mailman/listinfo/apiman-user
>     >
>

More information about the Apiman-user mailing list