[Apiman-user] CORS
Marc Savy
marc.savy at redhat.com
Mon Aug 17 10:52:08 EDT 2015
Hi,
This is related to the JIRA I linked you to (https://issues.jboss.org/browse/APIMAN-516). Because of the way the policy chain currently works the behaviour of CORS is invalid in a few very specific cases (e.g. when you stack it with an auth policy). I'll let you know when it's fixed.
Regards,
Marc
On 17/08/2015 15:44, Fadi Abdin wrote:
> I have a problem in calling a service in apiman-gateway with the
> Authorization: Bearer <token> in the header.
>
> It seems to preflight OPTIONS and return
>
> 1.
> X-Policy-Failure-Message:
> OAuth2 'Authorization' header or 'access_token' query parameter must
> be provided.
>
> I am sending the bearer token with the request and i make sure in the
> preflight its sent in the request.
>
> 1.
> Access-Control-Request-Headers:
> accept, authorization
>
> Does anyone know if there Is something i'm missing ? do i need to get
> authorization enabled or added anywhere ? as a side note i have below in
> my api as well:
>
> response.setHeader("Access-Control-Allow-Headers", "Authorization");
>
>
> _______________________________________________
> Apiman-user mailing list
> Apiman-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/apiman-user
>
More information about the Apiman-user
mailing list