Hey Christos

I've seen a few of these and perhaps all. I'm currently working on extracting the webapp into a separate project/modules named contacts-mobile-webapp. The webapp in that module was extracted from contacts-mobile-picketlink-secured and I've made some modifications.

For the logout issue I had to add the following:

https://github.com/danbev/jboss-wfk-quickstarts/commit/d097ddf5c7385cf7ff8e7b003305ddb743d7fb2b#diff-e084cf285ab2733dcd0478559aa4aa40R164

This was to make the CORSFilter happy or it would consider the request invalid.

I've also seen the 403 Forbidden messages but I'm no longer able to reproduce them. I'll take another look at this though.

[1] https://github.com/danbev/jboss-wfk-quickstarts/tree/push-proxy-quickstart

On 26 May 2014 11:29, Christos Vasilakis <cvasilak@gmail.com> wrote:

Hi all,

during the development of the iOS contacts client [1] , came across the following issues on the web interface. (Note: I am using edewit [2] branch that contains the Push functionality).

a) Login with “duke:duke" (role.MAINTAINER) and try to edit(PUT) an existing contact you get back a 403-Forbidden message.
b) Login with “admin:admin (role.ADMIN) and try to delete(DELETE) an existing contact you get back a 403-Forbidden message.

Interestingly enough, on the iOS client using the same credentials in the above scenarios, they work correctly.. so possible(?) there are some issues on the web interface.

c) Logout on the web interface gives back a “Forbidden” message.

Tested on both wildfly-8.1.0.CR1 / CR2 and JBoss- EAP-6.2

Let me know if these are currently worked on or you want me to create JIRA’s.

Thanks,
Christos

[1] https://github.com/aerogear/aerogear-push-quickstarts/pull/3
[2] https://github.com/edewit/jboss-wfk-quickstarts/tree/push/contacts-mobile-picketlink-secured

_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev