It was unintentional. I had failed to remove the authentication from one
place when I added it to another.
On 13/10/2015 13:40, Marc Savy wrote:
Interesting situation - was it intentional?
On 13/10/2015 11:20, Tim Dudgeon wrote:
> I tracked it down eventually - I had OAuth authentication at 2 places in
> the chain which seems to be the cause or the error.
>
> Tim
>
> On 13/10/2015 11:04, Tim Dudgeon wrote:
> > Hi, I'm trying to access a service though an application and plan,
> > using OAuth authentication at the application level and authorization
> > at the service level (requiring a role assigned to the user during
> > authentication).
> > I thought I had it all set up correctly, but am getting an Invalid
> > token signature error.
> >
> > I generate access token like this:
> >
> > $ curl -X POST
> >
>
http://192.168.59.103:8080/auth/realms/Organization1/protocol/openid-conn...
> > -H "Content-Type: application/x-www-form-urlencoded" -d
> > 'username=user1' -d 'password=user1' -d
'grant_type=password' -d
> > 'client_id=app1' -s | jq -r '.access_token'
> >
> > and get an access token like this:
> >
> > eyJhb<snip>
> >
> > Then try to access the service like this:
> >
> > $ curl -k -H "Authorization: Bearer eyJhb<snip>" -H
"X-API-Key:
> > bb9eb966-<snip>" -s
> >
https://192.168.59.103:8443/apiman-gateway/Organization2/echo/1.5/
> >
> > And I get this error:
> >
> >
>
{"type":"Authentication","failureCode":11004,"responseCode":401,"message":"Invalid
> > token signature.","headers":{}}
> >
> >
> > Any ideas what the Invalid token signature error relates to?
> >
> > Thanks
> > Tim
> >
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/apiman-user
>