Re: public rest API
Every REST endpoint, as it is implemented now, is secured by default. I had not thought of a scenario where internal OFBiz services will need to be invoked without authentication (externally) Yes, the services themselves can be specified to NOT require auth but I had always thought that was applicable within internal execution. I may be wrong here, so please correct me. auth and login-required are not taken into account yet, but can certainly be, if some exportable services should be exposed as public APIs. Best Regards, Girish Vasmatkar HotWax Systems On Thu, Sep 10, 2020 at 5:55 AM Hans Bakker wrote: > Hi, Girish, > > thanks again for your last reply it defenity helped, however i have > another question. > > I need to access certain services publicly without a token. > > I have put auth="false" on the service definition and > login-required="false" on the simple-method implementation > > still i get a 401 response. > > any suggestions? > > Regards, > > Hans > >
Re: REST get no parameters
Hi Hans I had earlier made a commit 72458a1ef2fd1e5b7c1694e76fece049aecfb0a4 that should have resulted in 400. If not done already, could you please update your local repository? You should get following in response - { "statusCode": 400, "statusDescription": "Bad Request", "errorMessage": "Missing Parameter: 'inParams'" } Best Regards, Girish Vasmatkar HotWax Systems On Thu, Sep 10, 2020 at 6:54 AM Hans Bakker wrote: > Sorry Girish me again, > > if i create a simple method service with action GET and no parameters , > i get a 500 http error, > > like: > > curl -X GET https://localhost:8443/rest/services/findProductById -H > "Accept: application/json" -H "Authorization: Bearer $token" --insecure > { >"statusCode" : 500, >"statusDescription" : "Internal Server Error" > } > > regards, > > Hans > > >
REST get no parameters
Sorry Girish me again, if i create a simple method service with action GET and no parameters , i get a 500 http error, like: curl -X GET https://localhost:8443/rest/services/findProductById -H "Accept: application/json" -H "Authorization: Bearer $token" --insecure { "statusCode" : 500, "statusDescription" : "Internal Server Error" } regards, Hans
public rest API
Hi, Girish, thanks again for your last reply it defenity helped, however i have another question. I need to access certain services publicly without a token. I have put auth="false" on the service definition and login-required="false" on the simple-method implementation still i get a 401 response. any suggestions? Regards, Hans