Re: public rest API

2020-09-09 Thread Girish Vasmatkar 
Every REST endpoint, as it is implemented now, is secured by default. I had
not thought of a scenario where internal OFBiz services will need to be
invoked without authentication (externally)

Yes, the services themselves can be specified to NOT require auth but I had
always thought that was applicable within internal execution. I may be
wrong here, so please correct me.

auth and login-required are not taken into account yet, but can certainly
be, if some exportable services should be exposed as public APIs.

Best Regards,
Girish Vasmatkar
HotWax Systems



On Thu, Sep 10, 2020 at 5:55 AM Hans Bakker 
wrote:

> Hi, Girish,
>
> thanks again for your last reply it defenity helped, however i have
> another question.
>
> I need to access certain services publicly without a token.
>
> I have put auth="false" on the service definition and
> login-required="false" on the simple-method implementation
>
> still i get a 401 response.
>
> any suggestions?
>
> Regards,
>
> Hans
>
>

Re: REST get no parameters

2020-09-09 Thread Girish Vasmatkar 
Hi Hans

I had earlier made a commit 72458a1ef2fd1e5b7c1694e76fece049aecfb0a4 that
should have resulted in 400. If not done already, could you please update
your local repository?

You should get following in response -

{
  "statusCode": 400,
  "statusDescription": "Bad Request",
  "errorMessage": "Missing Parameter: 'inParams'"
}

Best Regards,
Girish Vasmatkar
HotWax Systems

On Thu, Sep 10, 2020 at 6:54 AM Hans Bakker 
wrote:

> Sorry Girish me again,
>
> if i create a simple method service with action GET and no parameters ,
> i get a 500 http error,
>
> like:
>
> curl -X  GET https://localhost:8443/rest/services/findProductById -H
> "Accept: application/json" -H "Authorization: Bearer $token" --insecure
> {
>"statusCode" : 500,
>"statusDescription" : "Internal Server Error"
> }
>
> regards,
>
> Hans
>
>
>

REST get no parameters

2020-09-09 Thread Hans Bakker 

Sorry Girish me again,

if i create a simple method service with action GET and no parameters , 
i get a 500 http error,


like:

curl -X  GET https://localhost:8443/rest/services/findProductById -H 
"Accept: application/json" -H "Authorization: Bearer $token" --insecure

{
  "statusCode" : 500,
  "statusDescription" : "Internal Server Error"
}

regards,

Hans

public rest API

2020-09-09 Thread Hans Bakker 

Hi, Girish,

thanks again for your last reply it defenity helped, however i have 
another question.


I need to access certain services publicly without a token.

I have put auth="false" on the service definition and 
login-required="false" on the simple-method implementation


still i get a 401 response.

any suggestions?

Regards,

Hans