You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@usergrid.apache.org by "Brandon Shelley (JIRA)" <ji...@apache.org> on 2015/07/10 22:11:04 UTC
[jira] [Updated] (USERGRID-797) Org (and presumably App)
credentials can't create connections by default
[ https://issues.apache.org/jira/browse/USERGRID-797?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brandon Shelley updated USERGRID-797:
-------------------------------------
Description:
If you try to create a new connection using org or app credentials, it will fail with:
{code}
{
"duration": 1,
"error": "unauthorized",
"error_description": "Subject does not have permission [applications:post:uuid:/col1/uuid/relationship/uid]",
"exception": "org.apache.shiro.authz.UnauthorizedException",
"timestamp": "...."
}
{code}
The only workaround seems to be to give {code}POST /**{code} to the Guest role.
Expected behavior: app and org credentials should (out of the box) both be able to create and delete connections, as well as retrieve all depths of them:
{code}
GET /collection/uuid/verb
GET /collection/uuid/connecting/verb
GET /collection/uuid/connections/verb
{code}
etc.
In short, all tests in the URAP integration_tests should pass on a net new instance without having to set Guest role permissions to {code}/**{code}.
was:
If you try to create a new connection using org or app credentials, it will fail with:
{code}
{
"duration": 1,
"error": "unauthorized",
"error_description": "Subject does not have permission [applications:post:uuid:/col1/uuid/relationship/uid]",
"exception": "org.apache.shiro.authz.UnauthorizedException",
"timestamp": "...."
}
{code}
The only workaround seems to be to give {code}POST /**{code} to the Guest role.
Expected behavior: app and org credentials should (out of the box) both be able to create and delete connections, as well as retrieve all depths of them:
{code}
GET /collection/uuid/verb
GET /collection/uuid/connecting/verb
GET /collection/uuid/connections/verb
{code}
etc.
In short, all tests in the URAP integration_tests should pass on a net new instance without having to set Guest role permissions to {code}/**{code}.
> Org (and presumably App) credentials can't create connections by default
> ------------------------------------------------------------------------
>
> Key: USERGRID-797
> URL: https://issues.apache.org/jira/browse/USERGRID-797
> Project: Usergrid
> Issue Type: Bug
> Components: Stack
> Affects Versions: 1.0, 2.0
> Reporter: Brandon Shelley
>
> If you try to create a new connection using org or app credentials, it will fail with:
> {code}
> {
> "duration": 1,
> "error": "unauthorized",
> "error_description": "Subject does not have permission [applications:post:uuid:/col1/uuid/relationship/uid]",
> "exception": "org.apache.shiro.authz.UnauthorizedException",
> "timestamp": "...."
> }
> {code}
> The only workaround seems to be to give {code}POST /**{code} to the Guest role.
> Expected behavior: app and org credentials should (out of the box) both be able to create and delete connections, as well as retrieve all depths of them:
> {code}
> GET /collection/uuid/verb
> GET /collection/uuid/connecting/verb
> GET /collection/uuid/connections/verb
> {code}
> etc.
> In short, all tests in the URAP integration_tests should pass on a net new instance without having to set Guest role permissions to {code}/**{code}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)