Re: [Apiman-user] CORS
Thank you Marc,
Is there a work around that you can think of ?
I'm doing it with angularjs , very simple
$http({method: 'GET', url: 'http://server/apiman-gateway/service',
headers:
{
'Authorization': 'Bearer XXXXXXXXXXXXX'}
});
I assume you will fix it in the new version , right?
On Mon, Aug 17, 2015 at 10:52 AM, Marc Savy <marc.savy(a)redhat.com> wrote:
Hi,
This is related to the JIRA I linked you to (
https://issues.jboss.org/browse/APIMAN-516). Because of the way the
policy chain currently works the behaviour of CORS is invalid in a few very
specific cases (e.g. when you stack it with an auth policy). I'll let you
know when it's fixed.
Regards,
Marc
On 17/08/2015 15:44, Fadi Abdin wrote:
> I have a problem in calling a service in apiman-gateway with the
> Authorization: Bearer <token> in the header.
>
> It seems to preflight OPTIONS and return
>
> 1.
> X-Policy-Failure-Message:
> OAuth2 'Authorization' header or 'access_token' query parameter
must
> be provided.
>
> I am sending the bearer token with the request and i make sure in the
> preflight its sent in the request.
>
> 1.
> Access-Control-Request-Headers:
> accept, authorization
>
> Does anyone know if there Is something i'm missing ? do i need to get
> authorization enabled or added anywhere ? as a side note i have below in
> my api as well:
>
> response.setHeader("Access-Control-Allow-Headers",
"Authorization");
>
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
>
Attachments:
- attachment.html (text/html — 2.7 KB)