I'm still working on it :( .. i had to give the network guys few ip addresses to whitelist so i can mvn install .. ... almost there. 

On Tue, Aug 18, 2015 at 9:46 AM, Marc Savy <marc.savy@redhat.com> wrote:
My pleasure! Did it work?

On 17/08/2015 16:38, Fadi Abdin wrote:
cool .. you're the man ;)


On Mon, Aug 17, 2015 at 11:37 AM, Marc Savy <marc.savy@redhat.com
 <mailto:marc.savy@redhat.com>> wrote:

    I'm actually testing the fix right now. It will land both on the 1.2.x
    branch and the 1.1.x branch shortly. You should be able to test it out
    in a short while: I'll send you an email when it's available.

    On 17/08/2015 16:23, Fadi Abdin wrote:

        Thank you Marc,
        Is there a work around that you can think of ?
        I'm doing it with angularjs  , very simple

        $http({method: 'GET', url: 'http://server/apiman-gateway/service',
        headers: {
              'Authorization': 'Bearer XXXXXXXXXXXXX'}
        });

        I assume you will fix it in the new version , right?



        On Mon, Aug 17, 2015 at 10:52 AM, Marc Savy
        <marc.savy@redhat.com <mailto:marc.savy@redhat.com>
        <mailto:marc.savy@redhat.com <mailto:marc.savy@redhat.com>>> wrote:

             Hi,

             This is related to the JIRA I linked you to
             (https://issues.jboss.org/browse/APIMAN-516). Because of
        the way the
             policy chain currently works the behaviour of CORS is
        invalid in a
             few very specific cases (e.g. when you stack it with an auth
             policy). I'll let you know when it's fixed.

             Regards,
             Marc

             On 17/08/2015 15:44, Fadi Abdin wrote:

                 I have a problem in calling a service in apiman-gateway
        with the
                 Authorization: Bearer <token> in the header.

                 It seems to preflight OPTIONS and return

                   1.
                      X-Policy-Failure-Message:
                      OAuth2 'Authorization' header or 'access_token' query
                 parameter must
                      be provided.

                 I am sending the bearer token with the request and i
        make sure
                 in the
                 preflight its sent in the request.

                   1.
                      Access-Control-Request-Headers:
                      accept, authorization

                 Does anyone know if there Is something i'm missing ?
        do i need
                 to get
                 authorization enabled or added anywhere ? as a side
        note i have
                 below in
                 my api as well:

                 response.setHeader("Access-Control-Allow-Headers",
        "Authorization");


                 _______________________________________________
                 Apiman-user mailing list
        Apiman-user@lists.jboss.org <mailto:Apiman-user@lists.jboss.org>
        <mailto:Apiman-user@lists.jboss.org
        <mailto:Apiman-user@lists.jboss.org>>
        https://lists.jboss.org/mailman/listinfo/apiman-user