Re: public rest API

2020-09-26 Thread Hans Bakker
Hi Girish, i did a quit check using flutter test this morning and it looks like it is working fine. for people interested in using flutter(http://flutter.dev) with ofbiz:     the test: https://github.com/growerp/growerp/blob/master/test/services/ofbiz_testManual.dart     if you want to run

Re: public rest API

2020-09-26 Thread Chandan Khandelwal
Hi Girish, I have gone through the implementation and tested it on API client with HTTP bearer token authentication and worked for me for both auth= true/false (bypass authorization). Kind Regards, Chandan Khandelwal On Sat, Sep 26, 2020 at 2:35 PM Girish Vasmatkar <

Re: public rest API

2020-09-26 Thread Girish Vasmatkar
Hello Hans With the latest commi1361c3c on trunk, the system now honours the "auth" attribute defined on service and accordingly bypasses authorization for such services. Best, Girish On Thu, Sep 10, 2020

Re: public rest API

2020-09-10 Thread Hans Bakker
Thank you Girish, look forward to your updates of this excellent and much needed addition to OFBiz. Regars Hans www.antwebsystems.com On 9/10/20 3:27 PM, Girish Vasmatkar wrote: Thanks Hans, I will plan to include this change for the exportable services as well. There is also

Re: public rest API

2020-09-10 Thread Girish Vasmatkar
Thanks Hans, I will plan to include this change for the exportable services as well. There is also OFBIZ-11995, where more RESTFul resources can be declared (development is undergoing) and bound to services where I had planned to include declarative authentication. Best Regards, Girish Vasmatkar

Re: public rest API

2020-09-10 Thread Hans Bakker
Hi Girish, how about ecommerce? you want to show the products without logging in, actually all information on the ecommerce frontend? so yes, really required. regards, Hans On 9/10/20 12:37 PM, Girish Vasmatkar wrote: Every REST endpoint, as it is implemented now, is secured by

Re: public rest API

2020-09-09 Thread Girish Vasmatkar
Every REST endpoint, as it is implemented now, is secured by default. I had not thought of a scenario where internal OFBiz services will need to be invoked without authentication (externally) Yes, the services themselves can be specified to NOT require auth but I had always thought that was

public rest API

2020-09-09 Thread Hans Bakker
Hi, Girish, thanks again for your last reply it defenity helped, however i have another question. I need to access certain services publicly without a token. I have put auth="false" on the service definition and login-required="false" on the simple-method implementation still i get a 401