<div dir="ltr">Thanks, I'll try to check that out EAP config issue and endeavour to roll it into the next release (which should be done shortly).<div><br></div><div><a href="https://issues.jboss.org/browse/APIMAN-1286" target="_blank">https://issues.jboss.org/<wbr>browse/APIMAN-1286</a><br></div><div><br></div><div>I can't think of any deliberate changes to the policy engine between 1.2.8.Final and 1.3.1.Final, so if you discover something untoward please let me know.</div><div class="gmail_extra"><br><div class="gmail_quote">On 27 September 2017 at 16:29, Scott Elliott <span dir="ltr"><<a href="mailto:scottpelliott@gmail.com" target="_blank">scottpelliott@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">OK, I tried 1.3.1. Looks like the EAP 7.0 standalone-apiman.xml was not updated to support the Keycloak changes. I used the Wildfly version of the xml file to get it running. However, now it looks like something is wrong with our internal policy plugins that worked in 1.2.8, so I'll have to debug that.<span class="m_-4092159975165885303HOEnZb"><font color="#888888"><div><br></div><div>Scott</div></font></span><div><div class="m_-4092159975165885303h5"><div><br><div class="gmail_quote"><div dir="ltr">On Tue, Sep 26, 2017 at 4:46 PM Marc Savy <<a href="mailto:marc.savy@redhat.com" target="_blank">marc.savy@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hi Scott,</div><div><br></div>This is a symptom of an issue that was fixed in the latest verions of apiman, please upgrade to 1.3.1.Final if possible and let me know if everything seems to be working fine.</div><div class="gmail_extra"><br><div class="gmail_quote">On 26 September 2017 at 17:15, Scott Elliott <span dir="ltr"><<a href="mailto:scottpelliott@gmail.com" target="_blank">scottpelliott@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Something wrong with io.apiman.gateway.engine.<wbr>beans.util.CaseInsensitiveStri<wbr>ngMultiMap. The response headers start off with:<div><br></div><div>[Server=Jetty(9.2.19.v20160908<wbr>), null, null, Date=Tue, 26 Sep 2017 16:08:00 GMT, null, Content-Type=text/html; charset=ISO-8859-1, null, null, null, X-RateMonitor-Limit=1000, null, WWW-Authenticate=Bearer realm="mytest", error="invalid_token", error_description="Token is not active", X-RateMonitor-Remaining=998, null, null, null, X-RateMonitor-Reset=3119, null, null, null, null, null, null, null, null, null, null, null, null, null, null, Cache-Control=must-revalidate,<wbr>no-cache,no-store]<br></div><div><br></div><div>and after the CORS headers are merged, it's:</div><div><br></div><div>{Access-Control-Allow-Credenti<wbr>als => [true, Bearer realm="mytest", error="invalid_token", error_description="Token is not active"], Access-Control-Allow-Origin => [<a href="http://blah.com" target="_blank">http://blah.com</a>, Jetty(9.2.19.v20160908)], Cache-Control => [must-revalidate,no-cache,no-s<wbr>tore], Content-Type => [text/html; charset=ISO-8859-1], Date => [Tue, 26 Sep 2017 16:08:00 GMT], Server => [Jetty(9.2.19.v20160908)], WWW-Authenticate => [Bearer realm="mytest", error="invalid_token", error_description="Token is not active"], X-RateMonitor-Limit => [1000], X-RateMonitor-Remaining => [998], X-RateMonitor-Reset => [3119]}<br></div><div><br></div><div>The "Server" value and the Access-Control-Allow-Origin are somehow merged.</div></div><div class="m_-4092159975165885303m_7351707312787088104m_9054145692022842573m_-4031387518624509557HOEnZb"><div class="m_-4092159975165885303m_7351707312787088104m_9054145692022842573m_-4031387518624509557h5"><br><div class="gmail_quote"><div dir="ltr">On Tue, Sep 26, 2017 at 11:56 AM Scott Elliott <<a href="mailto:scottpelliott@gmail.com" target="_blank">scottpelliott@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">1.2.8.Final</div><br><div class="gmail_quote"><div dir="ltr">On Tue, Sep 26, 2017 at 8:04 AM Marc Savy <<a href="mailto:marc.savy@redhat.com" target="_blank">marc.savy@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Scott,<div><br></div><div>Which version of Apiman are you using?</div><div><br></div><div>Regards,</div><div>Marc</div></div><div class="gmail_extra"><br><div class="gmail_quote"></div></div><div class="gmail_extra"><div class="gmail_quote">On 26 September 2017 at 00:10, Scott Elliott <span dir="ltr"><<a href="mailto:scottpelliott@gmail.com" target="_blank">scottpelliott@gmail.com</a>></span> wrote:<br></div></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Why, when the CORS policy plugin is used, do I get multiple Access-Control-Allow-Origin headers in the response. From curl:<div><br></div><div>Origin: <a href="http://blah.com" target="_blank">http://blah.com</a></div><div><br></div><div>Access-Control-Allow-Origin: <a href="http://blah.com" target="_blank">http://blah.com</a></div><div>Access-Control-Allow-Origin: Jetty(9.2.19.v20160908)</div><div><br></div><div>Chrome does not like the multiple headers, so the API request fails.</div><div><br></div><div><br></div><div><div><br></div><div><br></div></div></div>
<br></blockquote></div></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">______________________________<wbr>_________________<br>
Apiman-user mailing list<br>
<a href="mailto:Apiman-user@lists.jboss.org" target="_blank">Apiman-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/apiman-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailma<wbr>n/listinfo/apiman-user</a><br>
<br></blockquote></div><br></div>
</blockquote></div></blockquote></div>
</div></div></blockquote></div><br></div>
</blockquote></div></div></div></div></div>
</blockquote></div><br></div></div>