September 2015 - Apiman-user - Jboss List Archives

by Marc Savy

And, I know plugin iteration is a pain at the moment, but we're working to fix that as soon as is practicable. In the meanwhile, I want to share with you a quick-and-easy way of replacing the plugin before an official way comes along. Note I'm assuming here that you are running a simple all-in-one wildfly setup. - First, terminate your server - In the server directory, do a `find . -name "*.war" | grep cors` - You'll see something like: $ find . -name "*.war" | grep cors ./target/wildfly-8.2.0.Final/standalone/data/apiman/plugins/io.apiman.plugins/apiman-plugins-cors-policy/1.2.0-SNAPSHOT/apiman-plugins-cors-policy.war ./target/wildfly-8.2.0.Final/standalone/data/apiman/plugins/io.apiman.plugins/apiman-plugins-cors-policy/1.2.0-SNAPSHOT/apiman-plugins-cors-policy.war/plugin.war - Build the latest apiman plugins - Copy the CORS plugin from the target directory and overwrite '/apiman-plugins-cors-policy.war/plugin.war' as above (e.g. cp target/apiman-plugins-cors-policy-1.2.0-SNAPSHOT.war <where the plugin.war is>) - Start your server again Hope that helps. If you have a more complex setup, you may need to do a bit more work. Regards, Marc On 09/09/2015 21:32, Marc Savy wrote: > Fadi, > > I've double checked the git log, and just to reiterate... > - For the `1.1.x` series you need to build the latest HEAD of > apiman-plugins (i.e. git checkout remotes/origin/1.1.x && mvn clean > install) > - For the `1.2.x` series you can use release > `1.2.0.Alpha1`<https://github.com/apiman/apiman-plugins/commit/48bfedffc70f63844e0603447...> > (this should work fine with 1.1.x) > > The error message you're seeing is never generated in the fixed versions. > > Regards, > Marc > On 09/09/2015 20:14, Fadi Abdin wrote: > > i'm surprized to see it passing on the curl request > > > > but with the browser its complaining > > > > Pre-Flight : https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82 > > Post : https://gist.github.com/fadiabdeen/6990954142c936e3c54a > > > > any idea what is > > > > 1. > > X-Policy-Failure-Message: > > > > > > Authorization > > > > > > > 10. > > > > > > > > > >

8 years, 9 months

1
0
0 / 0

Re: [Apiman-user] HTTP Methods

by Marc Savy

Fadi, I've double checked the git log, and just to reiterate... - For the `1.1.x` series you need to build the latest HEAD of apiman-plugins (i.e. git checkout remotes/origin/1.1.x && mvn clean install) - For the `1.2.x` series you can use release `1.2.0.Alpha1`<https://github.com/apiman/apiman-plugins/commit/48bfedffc70f63844e0603447...> (this should work fine with 1.1.x) The error message you're seeing is never generated in the fixed versions. Regards, Marc On 09/09/2015 20:14, Fadi Abdin wrote: > i'm surprized to see it passing on the curl request > > but with the browser its complaining > > Pre-Flight : https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82 > Post : https://gist.github.com/fadiabdeen/6990954142c936e3c54a > > any idea what is > > 1. > > > > > > X-Policy-Failure-Type: > > > > > Authorization > > > > > 10. > > > > > >

8 years, 9 months

1
0
0 / 0

Re: [Apiman-user] HTTP Methods

by Marc Savy

If you can provide a reproducer script as mentioned before, I will debug it for you. On 09/09/2015 19:03, Fadi Abdin wrote: > :( ... you know this is not easy .. i wish i can just delete the plugin > and add another one . > > On Wed, Sep 9, 2015 at 2:02 PM, Marc Savy <marc.savy(a)redhat.com > <mailto:marc.savy@redhat.com>> wrote: > > 1.2.0-SNAPSHOT plugins I mean (i.e. master of apiman/apiman-plugins) > > > On 09/09/2015 19:01, Marc Savy wrote: > > It should be in 1.1.7.Final plugins :(. > > Please try 1.2.0-SNAPSHOT - it should still work just fine with > 1.1.x > > On 09/09/2015 18:57, Fadi Abdin wrote: > > I'm running 1.1.x with version 1.1.8-SNAPSHOT and the > plugins are > > 1.1.7.Final > > > > > > > > On Wed, Sep 9, 2015 at 1:53 PM, Marc Savy > <marc.savy(a)redhat.com <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com <mailto:marc.savy@redhat.com>>> > wrote: > > > > It seems to work for me on 1.2.0-SNAPSHOT for me. Maybe > you're > > picking up an old version of the plugin somehow? :-( > > > > Is there any chance you can provide a reproducer script? Use > > something else other than the OAuth2 policy > > > > So have something like: > > > > CORS -> Rate Limiting Policy > > > > Then your script would be something that accesses that > backend > > service using a POST request, and hopefully it'll reveal > the issue > > (can just be a curl command with all the appropriate > headers set). > > > > > > > > > > > > On 09/09/2015 18:41, Fadi Abdin wrote: > > > > The problem is that CORS wont work for other than GET > , i tried > > POST,PUT,DELETE , all fail > > > > Thanks for looking into it. > > > > > > On Wed, Sep 9, 2015 at 1:35 PM, Marc Savy > <marc.savy(a)redhat.com <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>>> > > wrote: > > > > I'll try to check it out - I thought this was > the problem > > already > > fixed. Will attempt to verify and get back to you. > > > > On 09/09/2015 18:32, Fadi Abdin wrote: > > > > Hey Marc , > > > > There is still a problem. I just installed > the latest > > version > > and tried > > a POST , the preflight passes but the acual > post failes > > .. check > > this > > > > Pre-Flight : > > https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82 > > Post : > > https://gist.github.com/fadiabdeen/6990954142c936e3c54a > > > > > > > > > > > > On Sat, Sep 5, 2015 at 7:29 AM, Fadi Abdin > > <fadiabdeen(a)gmail.com <mailto:fadiabdeen@gmail.com> > <mailto:fadiabdeen@gmail.com <mailto:fadiabdeen@gmail.com>> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com> > > <mailto:fadiabdeen@gmail.com <mailto:fadiabdeen@gmail.com>>> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com>> <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com>>>>> wrote: > > > > Hey Marc, > > > > Thanks for asking.. I did not try > updating the new > > version > > to get > > other the GET to work. > > > > Otherwise everything was perfect until > Friday. and > > all the > > sudden > > some services start giving 500 when > calling them > > (only in > > one of the > > environments setup). then i tried > duplicating > > the the > > service and > > pumpup the version and it worked .. > that was > > weird. but the > > cors > > didnt work. I did not fully invistigate > whats > > going on but > > i was > > ready to send you an email explaining what > > happened after > > collecting > > more information. i'm not sure why i > keep having > > some > > issues like > > this . but if i got a chance this > weekend i might > > send you > > details. > > > > Thanks, > > Fadi > > > > > > On Sat, Sep 5, 2015 at 7:20 AM, Marc Savy > > <msavy(a)redhat.com <mailto:msavy@redhat.com> > <mailto:msavy@redhat.com <mailto:msavy@redhat.com>> > > <mailto:msavy@redhat.com > <mailto:msavy@redhat.com> <mailto:msavy@redhat.com > <mailto:msavy@redhat.com>>> > > <mailto:msavy@redhat.com > <mailto:msavy@redhat.com> <mailto:msavy@redhat.com > <mailto:msavy@redhat.com>> > > <mailto:msavy@redhat.com <mailto:msavy@redhat.com> > <mailto:msavy@redhat.com <mailto:msavy@redhat.com>>>>> wrote: > > > > Fadi - Is this all working as expected? > > > > ----- Original Message ----- > > From: "Marc Savy" > <marc.savy(a)redhat.com <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com <mailto:marc.savy@redhat.com>>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>>>> > > To: "Fadi Abdin" > <fadiabdeen(a)gmail.com <mailto:fadiabdeen@gmail.com> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com>> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com> > > <mailto:fadiabdeen@gmail.com <mailto:fadiabdeen@gmail.com>>> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com>> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com> > > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com>>>>> > > Cc: "apiman-user" > <apiman-user(a)lists.jboss.org <mailto:apiman-user@lists.jboss.org> > > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org>> > > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org> > > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org>>> > > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org> > > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org>> > > > > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org> > > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org>>>>> > > Sent: Friday, 28 August, 2015 > 1:42:25 PM > > Subject: Re: [Apiman-user] HTTP Methods > > > > Should be > 'apiman-plugins-cors-policy' ; > > repo is > > 'apiman-plugins' > > > > On 28/08/2015 13:40, Fadi Abdin wrote: > > > latest of cors-policy-plugin? > > > > > > On Fri, Aug 28, 2015 at 5:53 AM, > Marc Savy > > <marc.savy(a)redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>>> > > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>> <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>>>>> > > > > wrote: > > > > > > I think there may have been some > > overzealous error > > detection going > > > on. Please try out the latest > > master/1.1.x. > > > > > > > > > On 27/08/2015 20:02, Eric > Wittmann > > wrote: > > > > > > Hi Fadi. > > > > > > It's possible this is a > bug in > > the CORS > > policy or a > > > mis-configuration. > > > Hopefully Marc can > respond shortly. > > > > > > One thing I'll say is > that you > > *probably* > > don't need > > to include > > > "OPTIONS" as one of the > allowed > > CORS methods. > > > > > > -Eric > > > > > > On 8/27/2015 2:48 PM, > Fadi Abdin > > wrote: > > > > Hey Eric / Marc, > > > > > > > > Everything going good > so far > > with the > > CORS fix but > > guessing > > > there is > > > > something still, or > maybe i'm > > doing something > > wrong ( it > > > always happened > > > > to me ). > > > > > > > > I have setup my CORS > Policy in > > API Man > > and included > > > > > "Access-Control-Allow-Methods" : > > > > > "OPTIONS","GET","POST","DELETE",'PUT". > > > > > > > > But i get a 403 and > "CORS: > > Invalid preflight > > request; must > > > use OPTIONS > > > > verb." on ANY service > that is > > not GET. > > > > > > > > OPTIONS Header : > > > > > > > > 1. > > > > Remote Address: > > > > 172.26.209.66:443 > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > > > <http://172.26.209.66:443> > > > > 2. > > > > Request URL: > > > > > > > > > > > > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/... > > > > > > 3. > > > > Request Method: > > > > OPTIONS > > > > 4. > > > > Status Code: > > > > 200 OK > > > > 1. Response > Headersview source > > > > 1. > > > > > > Access-Control-Allow-Headers: > > > > Accept, > > Authorization, Head > > > > 2. > > > > > > Access-Control-Allow-Methods: > > > > OPTIONS, > GET, POST, > > DELETE, PUT > > > > 3. > > > > > > Access-Control-Allow-Origin: > > > > http://localhost:8383 > > > > 4. > > > > > Access-Control-Max-Age: > > > > 0 > > > > 5. > > > > Connection: > > > > keep-alive > > > > 6. > > > > Date: > > > > Thu, 27 Aug 2015 > > 18:44:39 GMT > > > > 7. > > > > Server: > > > > WildFly/8 > > > > 8. > > > > > Transfer-Encoding: > > > > chunked > > > > 9. > > > > X-Powered-By: > > > > Undertow/1 > > > > 2. Request > Headersview source > > > > 1. > > > > Accept: > > > > */* > > > > 2. > > > > Accept-Encoding: > > > > gzip, > deflate, sdch > > > > 3. > > > > Accept-Language: > > > > > en-US,en;q=0.8,ar;q=0.6 > > > > 4. > > > > > > Access-Control-Request-Headers: > > > > accept, > authorization > > > > 5. > > > > > > Access-Control-Request-Method: > > > > POST > > > > 6. > > > > Cache-Control: > > > > no-cache > > > > 7. > > > > Connection: > > > > keep-alive > > > > 8. > > > > Host: > > > > > > dev-internal-api.expdev.local > > > > 9. > > > > Origin: > > > > http://localhost:8383 > > > > 10. > > > > Pragma: > > > > no-cache > > > > 11. > > > > Referer: > > > > > > > > > > > > http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s... > > > > > > > > > > > > > > > > > > > > > > POST HEADER > > > > > > > > 1. > > > > Remote > Address: > > > > 172.26.209.66:443 > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > > > <http://172.26.209.66:443> > > > > 2. > > > > Request URL: > > > > > > > > > > > > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/... > > > > > > 3. > > > > Request > Method: > > > > POST > > > > 4. > > > > Status Code: > > > > 403 > Forbidden > > > > 1. Response > Headersview > > source > > > > 1. > > > > > > Access-Control-Allow-Origin: > > > > http://localhost:8383 > > > > 2. > > > > Connection: > > > > keep-alive > > > > 3. > > > > > Content-Length: > > > > 195 > > > > 4. > > > > > Content-Type: > > > > > application/json > > > > 5. > > > > Date: > > > > Thu, 27 > Aug 2015 > > 18:44:39 GMT > > > > 6. > > > > Server: > > > > WildFly/8 > > > > 7. > > > > > > X-Policy-Failure-Code: > > > > 400 > > > > 8. > > > > > > X-Policy-Failure-Message: > > > > CORS: > Invalid > > preflight > > request; must use > > > OPTIONS verb. > > > > 9. > > > > > > X-Policy-Failure-Type: > > > > > Authorization > > > > 10. > > > > > X-Powered-By: > > > > Undertow/1 > > > > 2. Request > Headersview > > source > > > > 1. > > > > Accept: > > > > > application/json, > > text/plain, */* > > > > 2. > > > > > Accept-Encoding: > > > > gzip, > deflate > > > > 3. > > > > > Accept-Language: > > > > > > en-US,en;q=0.8,ar;q=0.6 > > > > 4. > > > > > Authorization: > > > > Bearer > > > > > > > > > > > > > > > > eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ > > > > > > 5. > > > > > Cache-Control: > > > > no-cache > > > > 6. > > > > Connection: > > > > keep-alive > > > > 7. > > > > > Content-Length: > > > > 0 > > > > 8. > > > > Host: > > > > > > dev-internal-api.expdev.local > > > > 9. > > > > Origin: > > > > http://localhost:8383 > > > > 10. > > > > Pragma: > > > > no-cache > > > > 11. > > > > > > > > 12. > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > Apiman-user mailing list > > > > > Apiman-user(a)lists.jboss.org <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>>>> > > > > > > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > > > > > > _______________________________________________ > > > Apiman-user mailing list > > > Apiman-user(a)lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>>>> > > > > > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > > > > > > > > > > > _______________________________________________ > > Apiman-user mailing list > > Apiman-user(a)lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>>> > > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > > > > > > > > > > > > > >

8 years, 9 months

1
0
0 / 0

Re: [Apiman-user] HTTP Methods

by Marc Savy

It should be in 1.1.7.Final plugins :(. Please try 1.2.0-SNAPSHOT - it should still work just fine with 1.1.x On 09/09/2015 18:57, Fadi Abdin wrote: > I'm running 1.1.x with version 1.1.8-SNAPSHOT and the plugins are > 1.1.7.Final > > > > On Wed, Sep 9, 2015 at 1:53 PM, Marc Savy <marc.savy(a)redhat.com > <mailto:marc.savy@redhat.com>> wrote: > > It seems to work for me on 1.2.0-SNAPSHOT for me. Maybe you're > picking up an old version of the plugin somehow? :-( > > Is there any chance you can provide a reproducer script? Use > something else other than the OAuth2 policy > > So have something like: > > CORS -> Rate Limiting Policy > > Then your script would be something that accesses that backend > service using a POST request, and hopefully it'll reveal the issue > (can just be a curl command with all the appropriate headers set). > > > > > > On 09/09/2015 18:41, Fadi Abdin wrote: > > The problem is that CORS wont work for other than GET , i tried > POST,PUT,DELETE , all fail > > Thanks for looking into it. > > > On Wed, Sep 9, 2015 at 1:35 PM, Marc Savy <marc.savy(a)redhat.com > <mailto:marc.savy@redhat.com> > <mailto:marc.savy@redhat.com <mailto:marc.savy@redhat.com>>> wrote: > > I'll try to check it out - I thought this was the problem > already > fixed. Will attempt to verify and get back to you. > > On 09/09/2015 18:32, Fadi Abdin wrote: > > Hey Marc , > > There is still a problem. I just installed the latest > version > and tried > a POST , the preflight passes but the acual post failes > .. check > this > > Pre-Flight : > https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82 > Post : > https://gist.github.com/fadiabdeen/6990954142c936e3c54a > > > > > > On Sat, Sep 5, 2015 at 7:29 AM, Fadi Abdin > <fadiabdeen(a)gmail.com <mailto:fadiabdeen@gmail.com> > <mailto:fadiabdeen@gmail.com <mailto:fadiabdeen@gmail.com>> > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com> <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com>>>> wrote: > > Hey Marc, > > Thanks for asking.. I did not try updating the new > version > to get > other the GET to work. > > Otherwise everything was perfect until Friday. and > all the > sudden > some services start giving 500 when calling them > (only in > one of the > environments setup). then i tried duplicating the the > service and > pumpup the version and it worked .. that was > weird. but the > cors > didnt work. I did not fully invistigate whats > going on but > i was > ready to send you an email explaining what > happened after > collecting > more information. i'm not sure why i keep having some > issues like > this . but if i got a chance this weekend i might > send you > details. > > Thanks, > Fadi > > > On Sat, Sep 5, 2015 at 7:20 AM, Marc Savy > <msavy(a)redhat.com <mailto:msavy@redhat.com> > <mailto:msavy@redhat.com <mailto:msavy@redhat.com>> > <mailto:msavy@redhat.com <mailto:msavy@redhat.com> > <mailto:msavy@redhat.com <mailto:msavy@redhat.com>>>> wrote: > > Fadi - Is this all working as expected? > > ----- Original Message ----- > From: "Marc Savy" <marc.savy(a)redhat.com > <mailto:marc.savy@redhat.com> > <mailto:marc.savy@redhat.com <mailto:marc.savy@redhat.com>> > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>>> > To: "Fadi Abdin" <fadiabdeen(a)gmail.com > <mailto:fadiabdeen@gmail.com> > <mailto:fadiabdeen@gmail.com <mailto:fadiabdeen@gmail.com>> > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com> > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com>>>> > Cc: "apiman-user" <apiman-user(a)lists.jboss.org > <mailto:apiman-user@lists.jboss.org> > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org>> > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org> > > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org>>>> > Sent: Friday, 28 August, 2015 1:42:25 PM > Subject: Re: [Apiman-user] HTTP Methods > > Should be 'apiman-plugins-cors-policy' ; repo is > 'apiman-plugins' > > On 28/08/2015 13:40, Fadi Abdin wrote: > > latest of cors-policy-plugin? > > > > On Fri, Aug 28, 2015 at 5:53 AM, Marc Savy > <marc.savy(a)redhat.com > <mailto:marc.savy@redhat.com> <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>> <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>>>> > > wrote: > > > > I think there may have been some > overzealous error > detection going > > on. Please try out the latest master/1.1.x. > > > > > > On 27/08/2015 20:02, Eric Wittmann wrote: > > > > Hi Fadi. > > > > It's possible this is a bug in the CORS > policy or a > > mis-configuration. > > Hopefully Marc can respond shortly. > > > > One thing I'll say is that you > *probably* > don't need > to include > > "OPTIONS" as one of the allowed > CORS methods. > > > > -Eric > > > > On 8/27/2015 2:48 PM, Fadi Abdin wrote: > > > Hey Eric / Marc, > > > > > > Everything going good so far > with the > CORS fix but > guessing > > there is > > > something still, or maybe i'm > doing something > wrong ( it > > always happened > > > to me ). > > > > > > I have setup my CORS Policy in > API Man > and included > > > "Access-Control-Allow-Methods" : > > "OPTIONS","GET","POST","DELETE",'PUT". > > > > > > But i get a 403 and "CORS: > Invalid preflight > request; must > > use OPTIONS > > > verb." on ANY service that is > not GET. > > > > > > OPTIONS Header : > > > > > > 1. > > > Remote Address: > > > 172.26.209.66:443 > <http://172.26.209.66:443> > <http://172.26.209.66:443> <http://172.26.209.66:443> > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > > > 2. > > > Request URL: > > > > > > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/... > > > 3. > > > Request Method: > > > OPTIONS > > > 4. > > > Status Code: > > > 200 OK > > > 1. Response Headersview source > > > 1. > > > > Access-Control-Allow-Headers: > > > Accept, Authorization, Head > > > 2. > > > > Access-Control-Allow-Methods: > > > OPTIONS, GET, POST, > DELETE, PUT > > > 3. > > > > Access-Control-Allow-Origin: > > > http://localhost:8383 > > > 4. > > > Access-Control-Max-Age: > > > 0 > > > 5. > > > Connection: > > > keep-alive > > > 6. > > > Date: > > > Thu, 27 Aug 2015 > 18:44:39 GMT > > > 7. > > > Server: > > > WildFly/8 > > > 8. > > > Transfer-Encoding: > > > chunked > > > 9. > > > X-Powered-By: > > > Undertow/1 > > > 2. Request Headersview source > > > 1. > > > Accept: > > > */* > > > 2. > > > Accept-Encoding: > > > gzip, deflate, sdch > > > 3. > > > Accept-Language: > > > en-US,en;q=0.8,ar;q=0.6 > > > 4. > > > > Access-Control-Request-Headers: > > > accept, authorization > > > 5. > > > > Access-Control-Request-Method: > > > POST > > > 6. > > > Cache-Control: > > > no-cache > > > 7. > > > Connection: > > > keep-alive > > > 8. > > > Host: > > > > dev-internal-api.expdev.local > > > 9. > > > Origin: > > > http://localhost:8383 > > > 10. > > > Pragma: > > > no-cache > > > 11. > > > Referer: > > > > > > http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s... > > > > > > > > > > > > > > > POST HEADER > > > > > > 1. > > > Remote Address: > > > 172.26.209.66:443 > <http://172.26.209.66:443> > <http://172.26.209.66:443> <http://172.26.209.66:443> > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > > > 2. > > > Request URL: > > > > > > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/... > > > 3. > > > Request Method: > > > POST > > > 4. > > > Status Code: > > > 403 Forbidden > > > 1. Response Headersview source > > > 1. > > > > Access-Control-Allow-Origin: > > > http://localhost:8383 > > > 2. > > > Connection: > > > keep-alive > > > 3. > > > Content-Length: > > > 195 > > > 4. > > > Content-Type: > > > application/json > > > 5. > > > Date: > > > Thu, 27 Aug 2015 > 18:44:39 GMT > > > 6. > > > Server: > > > WildFly/8 > > > 7. > > > X-Policy-Failure-Code: > > > 400 > > > 8. > > > > X-Policy-Failure-Message: > > > CORS: Invalid preflight > request; must use > > OPTIONS verb. > > > 9. > > > X-Policy-Failure-Type: > > > Authorization > > > 10. > > > X-Powered-By: > > > Undertow/1 > > > 2. Request Headersview source > > > 1. > > > Accept: > > > application/json, > text/plain, */* > > > 2. > > > Accept-Encoding: > > > gzip, deflate > > > 3. > > > Accept-Language: > > > en-US,en;q=0.8,ar;q=0.6 > > > 4. > > > Authorization: > > > Bearer > > > > > > > > eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ > > > 5. > > > Cache-Control: > > > no-cache > > > 6. > > > Connection: > > > keep-alive > > > 7. > > > Content-Length: > > > 0 > > > 8. > > > Host: > > > > dev-internal-api.expdev.local > > > 9. > > > Origin: > > > http://localhost:8383 > > > 10. > > > Pragma: > > > no-cache > > > 11. > > > > > > 12. > > > > > > > > > > > > > > > > _______________________________________________ > > > Apiman-user mailing list > > > Apiman-user(a)lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>>> > > > > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > > > _______________________________________________ > > Apiman-user mailing list > > Apiman-user(a)lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>>> > > > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > > > > > _______________________________________________ > Apiman-user mailing list > Apiman-user(a)lists.jboss.org <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > > > >

8 years, 9 months

1
1
0 / 0

apiman 1.1.x build

by Fadi Abdin

is anyone able to build ? i do mvn clean install but i get stuck on 'apiman-distro-db-es' with a lot of exceptions starting with : 07:40:15,782 WARN FAILED o.e.j.s.ServletContextHandler@62b54e9a{/apiman,null,STARTING}: javax.servlet.ServletException: io.apiman.manager.api.core.ex ceptions.StorageException: Failed to index document admin of type user: RemoteTransportException[[Marsha Rosenberg][inet[/172.26.209.73:19300 ]][index] ]; nested: DocumentAlreadyExistsException[[apiman_manager][2] [user][admin]: document already exists]; javax.servlet.ServletException: io.apiman.manager.api.core.exceptions.StorageException: Failed to index document admin of type user: RemoteTransportEx ception[[Marsha Rosenberg][inet[/172.26.209.73:19300]][index]]; nested: DocumentAlreadyExistsException[[apiman_manager][2] [user][admin]: document alr eady exists]; at io.apiman.manager.test.server.DatabaseSeedFilter.init(DatabaseSeedFilter.java:57) at org.eclipse.jetty.servlet.FilterHolder.initialize(FilterHolder.java:138)

8 years, 9 months

5
13
0 / 0

Re: [Apiman-user] HTTP Methods

by Marc Savy

It seems to work for me on 1.2.0-SNAPSHOT for me. Maybe you're picking up an old version of the plugin somehow? :-( Is there any chance you can provide a reproducer script? Use something else other than the OAuth2 policy So have something like: CORS -> Rate Limiting Policy Then your script would be something that accesses that backend service using a POST request, and hopefully it'll reveal the issue (can just be a curl command with all the appropriate headers set). On 09/09/2015 18:41, Fadi Abdin wrote: > The problem is that CORS wont work for other than GET , i tried > POST,PUT,DELETE , all fail > > Thanks for looking into it. > > > On Wed, Sep 9, 2015 at 1:35 PM, Marc Savy <marc.savy(a)redhat.com > <mailto:marc.savy@redhat.com>> wrote: > > I'll try to check it out - I thought this was the problem already > fixed. Will attempt to verify and get back to you. > > On 09/09/2015 18:32, Fadi Abdin wrote: > > Hey Marc , > > There is still a problem. I just installed the latest version > and tried > a POST , the preflight passes but the acual post failes .. check > this > > Pre-Flight : https://gist.github.com/fadiabdeen/fad62e55a3fa161f8b82 > Post : https://gist.github.com/fadiabdeen/6990954142c936e3c54a > > > > > > On Sat, Sep 5, 2015 at 7:29 AM, Fadi Abdin <fadiabdeen(a)gmail.com > <mailto:fadiabdeen@gmail.com> > <mailto:fadiabdeen@gmail.com <mailto:fadiabdeen@gmail.com>>> wrote: > > Hey Marc, > > Thanks for asking.. I did not try updating the new version > to get > other the GET to work. > > Otherwise everything was perfect until Friday. and all the > sudden > some services start giving 500 when calling them (only in > one of the > environments setup). then i tried duplicating the the > service and > pumpup the version and it worked .. that was weird. but the > cors > didnt work. I did not fully invistigate whats going on but > i was > ready to send you an email explaining what happened after > collecting > more information. i'm not sure why i keep having some > issues like > this . but if i got a chance this weekend i might send you > details. > > Thanks, > Fadi > > > On Sat, Sep 5, 2015 at 7:20 AM, Marc Savy <msavy(a)redhat.com > <mailto:msavy@redhat.com> > <mailto:msavy@redhat.com <mailto:msavy@redhat.com>>> wrote: > > Fadi - Is this all working as expected? > > ----- Original Message ----- > From: "Marc Savy" <marc.savy(a)redhat.com > <mailto:marc.savy@redhat.com> > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>> > To: "Fadi Abdin" <fadiabdeen(a)gmail.com > <mailto:fadiabdeen@gmail.com> > <mailto:fadiabdeen@gmail.com > <mailto:fadiabdeen@gmail.com>>> > Cc: "apiman-user" <apiman-user(a)lists.jboss.org > <mailto:apiman-user@lists.jboss.org> > <mailto:apiman-user@lists.jboss.org > <mailto:apiman-user@lists.jboss.org>>> > Sent: Friday, 28 August, 2015 1:42:25 PM > Subject: Re: [Apiman-user] HTTP Methods > > Should be 'apiman-plugins-cors-policy' ; repo is > 'apiman-plugins' > > On 28/08/2015 13:40, Fadi Abdin wrote: > > latest of cors-policy-plugin? > > > > On Fri, Aug 28, 2015 at 5:53 AM, Marc Savy > <marc.savy(a)redhat.com <mailto:marc.savy@redhat.com> > <mailto:marc.savy@redhat.com <mailto:marc.savy@redhat.com>> > > <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com> <mailto:marc.savy@redhat.com > <mailto:marc.savy@redhat.com>>>> > > wrote: > > > > I think there may have been some overzealous error > detection going > > on. Please try out the latest master/1.1.x. > > > > > > On 27/08/2015 20:02, Eric Wittmann wrote: > > > > Hi Fadi. > > > > It's possible this is a bug in the CORS > policy or a > > mis-configuration. > > Hopefully Marc can respond shortly. > > > > One thing I'll say is that you *probably* > don't need > to include > > "OPTIONS" as one of the allowed CORS methods. > > > > -Eric > > > > On 8/27/2015 2:48 PM, Fadi Abdin wrote: > > > Hey Eric / Marc, > > > > > > Everything going good so far with the > CORS fix but > guessing > > there is > > > something still, or maybe i'm doing something > wrong ( it > > always happened > > > to me ). > > > > > > I have setup my CORS Policy in API Man > and included > > > "Access-Control-Allow-Methods" : > > "OPTIONS","GET","POST","DELETE",'PUT". > > > > > > But i get a 403 and "CORS: Invalid preflight > request; must > > use OPTIONS > > > verb." on ANY service that is not GET. > > > > > > OPTIONS Header : > > > > > > 1. > > > Remote Address: > > > 172.26.209.66:443 > <http://172.26.209.66:443> <http://172.26.209.66:443> > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > > > 2. > > > Request URL: > > > > > > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/... > > > 3. > > > Request Method: > > > OPTIONS > > > 4. > > > Status Code: > > > 200 OK > > > 1. Response Headersview source > > > 1. > > > Access-Control-Allow-Headers: > > > Accept, Authorization, Head > > > 2. > > > Access-Control-Allow-Methods: > > > OPTIONS, GET, POST, DELETE, PUT > > > 3. > > > Access-Control-Allow-Origin: > > > http://localhost:8383 > > > 4. > > > Access-Control-Max-Age: > > > 0 > > > 5. > > > Connection: > > > keep-alive > > > 6. > > > Date: > > > Thu, 27 Aug 2015 18:44:39 GMT > > > 7. > > > Server: > > > WildFly/8 > > > 8. > > > Transfer-Encoding: > > > chunked > > > 9. > > > X-Powered-By: > > > Undertow/1 > > > 2. Request Headersview source > > > 1. > > > Accept: > > > */* > > > 2. > > > Accept-Encoding: > > > gzip, deflate, sdch > > > 3. > > > Accept-Language: > > > en-US,en;q=0.8,ar;q=0.6 > > > 4. > > > Access-Control-Request-Headers: > > > accept, authorization > > > 5. > > > Access-Control-Request-Method: > > > POST > > > 6. > > > Cache-Control: > > > no-cache > > > 7. > > > Connection: > > > keep-alive > > > 8. > > > Host: > > > dev-internal-api.expdev.local > > > 9. > > > Origin: > > > http://localhost:8383 > > > 10. > > > Pragma: > > > no-cache > > > 11. > > > Referer: > > > > > > http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s... > > > > > > > > > > > > > > > POST HEADER > > > > > > 1. > > > Remote Address: > > > 172.26.209.66:443 > <http://172.26.209.66:443> <http://172.26.209.66:443> > <http://172.26.209.66:443> > > <http://172.26.209.66:443> > > > 2. > > > Request URL: > > > > > > https://dev-internal-api.expdev.local/apiman-gateway/express/integration/... > > > 3. > > > Request Method: > > > POST > > > 4. > > > Status Code: > > > 403 Forbidden > > > 1. Response Headersview source > > > 1. > > > Access-Control-Allow-Origin: > > > http://localhost:8383 > > > 2. > > > Connection: > > > keep-alive > > > 3. > > > Content-Length: > > > 195 > > > 4. > > > Content-Type: > > > application/json > > > 5. > > > Date: > > > Thu, 27 Aug 2015 18:44:39 GMT > > > 6. > > > Server: > > > WildFly/8 > > > 7. > > > X-Policy-Failure-Code: > > > 400 > > > 8. > > > X-Policy-Failure-Message: > > > CORS: Invalid preflight > request; must use > > OPTIONS verb. > > > 9. > > > X-Policy-Failure-Type: > > > Authorization > > > 10. > > > X-Powered-By: > > > Undertow/1 > > > 2. Request Headersview source > > > 1. > > > Accept: > > > application/json, > text/plain, */* > > > 2. > > > Accept-Encoding: > > > gzip, deflate > > > 3. > > > Accept-Language: > > > en-US,en;q=0.8,ar;q=0.6 > > > 4. > > > Authorization: > > > Bearer > > > > > > > eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ > > > 5. > > > Cache-Control: > > > no-cache > > > 6. > > > Connection: > > > keep-alive > > > 7. > > > Content-Length: > > > 0 > > > 8. > > > Host: > > > dev-internal-api.expdev.local > > > 9. > > > Origin: > > > http://localhost:8383 > > > 10. > > > Pragma: > > > no-cache > > > 11. > > > > > > 12. > > > > > > > > > > > > > > > > _______________________________________________ > > > Apiman-user mailing list > > > Apiman-user(a)lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > > > > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > > _______________________________________________ > > Apiman-user mailing list > > Apiman-user(a)lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>>> > > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > > > > > _______________________________________________ > Apiman-user mailing list > Apiman-user(a)lists.jboss.org <mailto:Apiman-user@lists.jboss.org> > <mailto:Apiman-user@lists.jboss.org > <mailto:Apiman-user@lists.jboss.org>> > https://lists.jboss.org/mailman/listinfo/apiman-user > > > > >

8 years, 9 months

1
0
0 / 0

HTTP Methods

by Fadi Abdin

Hey Eric / Marc, Everything going good so far with the CORS fix but guessing there is something still, or maybe i'm doing something wrong ( it always happened to me ). I have setup my CORS Policy in API Man and included "Access-Control-Allow-Methods" : "OPTIONS","GET","POST","DELETE",'PUT". But i get a 403 and "CORS: Invalid preflight request; must use OPTIONS verb." on ANY service that is not GET. OPTIONS Header : 1. Remote Address: 172.26.209.66:443 2. Request URL: https://dev-internal-api.expdev.local/apiman-gateway/express/integration/... 3. Request Method: OPTIONS 4. Status Code: 200 OK 1. Response Headersview source 1. Access-Control-Allow-Headers: Accept, Authorization, Head 2. Access-Control-Allow-Methods: OPTIONS, GET, POST, DELETE, PUT 3. Access-Control-Allow-Origin: http://localhost:8383 4. Access-Control-Max-Age: 0 5. Connection: keep-alive 6. Date: Thu, 27 Aug 2015 18:44:39 GMT 7. Server: WildFly/8 8. Transfer-Encoding: chunked 9. X-Powered-By: Undertow/1 2. Request Headersview source 1. Accept: */* 2. Accept-Encoding: gzip, deflate, sdch 3. Accept-Language: en-US,en;q=0.8,ar;q=0.6 4. Access-Control-Request-Headers: accept, authorization 5. Access-Control-Request-Method: POST 6. Cache-Control: no-cache 7. Connection: keep-alive 8. Host: dev-internal-api.expdev.local 9. Origin: http://localhost:8383 10. Pragma: no-cache 11. Referer: http://localhost:8383/keycloak-oauth/index.html?code=1SnLPvM2b4cuXeMp3w8s... POST HEADER 1. Remote Address: 172.26.209.66:443 2. Request URL: https://dev-internal-api.expdev.local/apiman-gateway/express/integration/... 3. Request Method: POST 4. Status Code: 403 Forbidden 1. Response Headersview source 1. Access-Control-Allow-Origin: http://localhost:8383 2. Connection: keep-alive 3. Content-Length: 195 4. Content-Type: application/json 5. Date: Thu, 27 Aug 2015 18:44:39 GMT 6. Server: WildFly/8 7. X-Policy-Failure-Code: 400 8. X-Policy-Failure-Message: CORS: Invalid preflight request; must use OPTIONS verb. 9. X-Policy-Failure-Type: Authorization 10. X-Powered-By: Undertow/1 2. Request Headersview source 1. Accept: application/json, text/plain, */* 2. Accept-Encoding: gzip, deflate 3. Accept-Language: en-US,en;q=0.8,ar;q=0.6 4. Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJkYTI.................................qoQRgKQ 5. Cache-Control: no-cache 6. Connection: keep-alive 7. Content-Length: 0 8. Host: dev-internal-api.expdev.local 9. Origin: http://localhost:8383 10. Pragma: no-cache 11. 12.

8 years, 9 months

4
8
0 / 0

apiman.properties file not used for elasticsearch (1.1.7.Final)

by Charles Moulliard

Hi, If I change the apiman.properties file located under standalone/configuration folder of wildfly (apiman-1.1.7.Final/wildfly-8.2.0.Final/standalone/configuration/apiman.properties), save it and restart wildfly # --------------------------------------------------------------------- # The following are settings for using elasticsearch for various # apiman components. # --------------------------------------------------------------------- apiman.es.protocol=http #apiman.es.host=localhost #apiman.es.port=19200 apiman.es.host=localhost apiman.es.port=9200 apiman.es.username= apiman.es.password= apiman continues to use the old setting of ElasticSearch (= port 19200 and not 9200 as changed). 15:19:20,637 INFO [org.wildfly.extension.undertow] (MSC service thread 1-9) JBAS017534: Registered web context: /auth 15:19:21,622 INFO [org.elasticsearch.cluster.service] (elasticsearch[Bobster][clusterService#updateTask][T#1]) [Bobster] new_master [Bobster][JzTqzlrTQtC5lsLhrjrPyQ][localhost][inet[/192.168.1.80:19300]]{local=false}, reason: zen-disco-join (elected_as_master) 15:19:21,649 INFO [org.elasticsearch.http] (MSC service thread 1-13) [Bobster] bound_address {inet[/0.0.0.0:19200]}, publish_address {inet[/192.168.1.80:19200]} 15:19:21,650 INFO [org.elasticsearch.node] (MSC service thread 1-13) [Bobster] started 15:19:21,650 INFO [stdout] (MSC service thread 1-13) ----------------------------- 15:19:21,651 INFO [stdout] (MSC service thread 1-13) apiman-es started! 15:19:21,651 INFO [stdout] (MSC service thread 1-13) ----------------------------- 15:19:21,655 INFO [org.wildfly.extension.undertow] (MSC service thread 1-13) JBAS017534: Registered web context: /apiman-es Is there something else to do ? Regards, -- Charles Moulliard Principal Solution Architect / JBoss Fuse Expert - Global Enablement @redhat cmoulliard(a)redhat.com | work: +31 205 65 12 84 | mobile: +32 473 604 014 MC-Square Business "Stockholm", Leonardo Da Vincilaan 19, Diegem 1831 - Belgium twitter: @cmoulliard <http://twitter.com/cmoulliard> | blog: cmoulliard.github.io <http://cmoulliard.github.io> committer: apache camel, karaf, servicemix, hawtio, fabric8, drools, jbpm, deltaspike

8 years, 9 months

2
1
0 / 0

Question about OAuth2 (apiman & keycloak)

by Charles Moulliard

Hi, This blog post details how to use Oauth2 between APiman & Keycloak ("http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication..."). I have some questions to ask you about where these requests are related to OAuth2 spec/protocol When we issue the request to get an access token for the client_id = apiman "curl -X POST http://127.0.0.1:8080/auth/realms/stottie/protocol/openid-connect/token -H "Content-Type: application/x-www-form-urlencoded" -d "username=rincewind" -d 'password=apiman' -d 'grant_type=password' -d 'client_id=apiman'", does this request corresponds to Oauth 2 process where the client requests an access token to the authorization server (= keycloak) using as grant-type = password (http://oauthlib.readthedocs.org/en/latest/oauth2/grants/password.html) ? Is this request also issued by the "Apiman OAuth2 Policy" when a HTTP Client will call the gateway to access a HTTP endpoint secured by the Api gateway ? Regards, Charles

8 years, 9 months

2
5
0 / 0

Call for testers: Vert.x 3 Gateway

by Marc Savy

Hi, As you may (or may not) know, we have had a Vert.x 3-based gateway hiding in our code-base for a couple of months now. Over that time it's received a fair bit of automated and manual testing, in addition to a good few tweaks and bug-fixes. The next step is to have a few intrepid community members try it out! It still has a few areas where we'll be looking to do improvements as features arrive from upstream, but generally things should work fine. Without further ado - = Prerequisites: * At the moment, ElasticSearch is the only component type supported. So, you'll need ES available on the machine(s) you're testing this on. * You need Java 8 and Maven = Build apiman master: git clone https://github.com/apiman/apiman.git && cd apiman mvn clean install cd gateway/platforms/vertx3/vertx3/ = Edit src/conf/conf.json: To better understand how this works, check out this README: https://github.com/apiman/apiman/blob/master/gateway/platforms/vertx3/ver... Take particular note of which port your 'api' and 'http' verticles are running on. Feel free to change the 'count' of each type (e.g. 5 policy verticles). For each of the ES components, you'll need to edit it to match your local config - it might well be the same. = Run: java -jar target/apiman-gateway-platforms-vertx3-1.2.0-SNAPSHOT-fat.jar -conf src/conf/conf.json = Add the gateway: Fire up the apiman manager in the usual way, and in the Administration section, 'Manage Gateways'. Put in the details of your Vert.x Gateway, and give it a test Remember: you need to add the *API* endpoint here - by default http://localhost:8081; username: admin, password: admin. You should be able to explicitly publish stuff to your Vert.x 3 gateway now! = Are you brave? Run with -cluster to run in clustered mode. Let us know how it goes. Regards, Marc

8 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

Apiman-user September 2015