Re: [Apiman-user] CORS
Hi,
This is related to the JIRA I linked you to (https://issues.jboss.org/browse/APIMAN-516).
Because of the way the policy chain currently works the behaviour of CORS is invalid in a
few very specific cases (e.g. when you stack it with an auth policy). I'll let you
know when it's fixed.
Regards,
Marc
On 17/08/2015 15:44, Fadi Abdin wrote:
I have a problem in calling a service in apiman-gateway with the
Authorization: Bearer <token> in the header.
It seems to preflight OPTIONS and return
1.
X-Policy-Failure-Message:
OAuth2 'Authorization' header or 'access_token' query parameter must
be provided.
I am sending the bearer token with the request and i make sure in the
preflight its sent in the request.
1.
Access-Control-Request-Headers:
accept, authorization
Does anyone know if there Is something i'm missing ? do i need to get
authorization enabled or added anywhere ? as a side note i have below in
my api as well:
response.setHeader("Access-Control-Allow-Headers", "Authorization");
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user