[Apiman-user] Disable SSL/TLS for Oauth
Charles Moulliard
cmoullia at redhat.com
Fri May 13 08:41:17 EDT 2016
Thx.
Remark : This is only required for a demo as currently the Apiman-gateway
Kubernetes App doesn't run as HTTPS Server but only as HTTP Server. I will
make the modifications next week to be able to use it as HTTP or HTTPS
Server by adding Openshift Route with TLS Termination passthrough
On Fri, May 13, 2016 at 1:05 PM, Marc Savy <marc.savy at redhat.com> wrote:
> On 12 May 2016 at 22:30, Charles Moulliard <cmoullia at redhat.com> wrote:
> > Can we disable SSL/TLS when we use Keycloak Oauth plugin to avoid this
> > message ""OAuth2 token was transmitted without required transport
> security
> > (TLS, SSL)." ?
>
> Yes, you should be able to untick "require transport security" or edit
> your policy's JSON config (see:
> http://www.apiman.io/latest/user-guide.html#_oauth_policy_keycloak).
>
> It's generally not a good idea to use OAuth2 without transport
> security, however.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20160513/770f1248/attachment.html
More information about the Apiman-user
mailing list