Skip to content

Instantly share code, notes, and snippets.

View sebastienblanc's full-sized avatar

Sebastien Blanc sebastienblanc

338 followers · 6 following
View GitHub Profile
@sebastienblanc
sebastienblanc / gist:6121267
Created July 31, 2013 11:31
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
@sebastienblanc
sebastienblanc / gist:6129320
Created August 1, 2013 07:55
/**
* JBoss, Home of Professional Open Source
* Copyright Red Hat, Inc., and individual contributors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
@sebastienblanc
sebastienblanc / gist:6129326
Created August 1, 2013 07:57
OPTIONS /aerodoc/login HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://localhost:8000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.152 Safari/537.22
Access-Control-Request-Headers: accept, origin, content-type
Accept: */*
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
@sebastienblanc
sebastienblanc / gist:6129980
Created August 1, 2013 09:48
11:42:40,390 INFO [org.jboss.aerogear.connectivity.service.sender.impl.SenderServiceImpl] (EJB default - 2) Processing 'selective send' request with 'SelectiveSendMessage [criterias=[aliases=[maria], deviceTypes=null, category=null, variants=null], simplePush=null, alert=A new lead has been created, sound=default, badge=-1, data={id=41, phone=dsds, location=sdsds, name=sebi, simple-push={lead=version=2}, messageType=pushed_lead}]' payload
@sebastienblanc
sebastienblanc / gist:6130216
Created August 1, 2013 10:27
[{"id":"4028819340389edd014038a424ac0000","name":"aerodoc","description":"aerodoc","pushApplicationID":"e4b0aed6-3025-4c5a-bed7-6015db15a5ca","masterSecret":"c1c27eb3-12a0-4a66-9616-dbaee8962384","developer":"admin","androidVariants":[],"simplePushVariants":[{"id":"4028819340389edd014038a6860c0001","type":"SIMPLE_PUSH","name":"aeroweb","description":"aeroweb","variantID":"ba3cfa4b-7f47-44a1-bdae-0dc36041bdb2","secret":"1161fa49-2c5b-4101-8102-ea747606d333","developer":"admin","installations":[{"id":"4028819340389edd01403950c7240004","enabled":true,"deviceToken":"e77be181-119c-4c7b-a0cf-97fcd5a610ee","deviceType":null,"operatingSystem":null,"osVersion":null,"alias":"maria","category":"lead","platform":"simplePush"},{"id":"4028819340389edd014039606a5b000a","enabled":true,"deviceToken":"a22ee9a5-f454-4b6a-9129-b75f793b6f08","deviceType":null,"operatingSystem":null,"osVersion":null,"alias":null,"category":"broadcast","platform":"simplePush"},{"id":"4028819340389edd0140395c6b800007","enabled":true,"deviceToken":"d
@sebastienblanc
sebastienblanc / gist:6130217
Created August 1, 2013 10:28
[{"id":"4028819340389edd014038a424ac0000","name":"aerodoc","description":"aerodoc","pushApplicationID":"e4b0aed6-3025-4c5a-bed7-6015db15a5ca","masterSecret":"c1c27eb3-12a0-4a66-9616-dbaee8962384","developer":"admin","androidVariants":[],"simplePushVariants":[{"id":"4028819340389edd014038a6860c0001","type":"SIMPLE_PUSH","name":"aeroweb","description":"aeroweb","variantID":"ba3cfa4b-7f47-44a1-bdae-0dc36041bdb2","secret":"1161fa49-2c5b-4101-8102-ea747606d333","developer":"admin","installations":[{"id":"4028819340389edd01403950c7240004","enabled":true,"deviceToken":"e77be181-119c-4c7b-a0cf-97fcd5a610ee","deviceType":null,"operatingSystem":null,"osVersion":null,"alias":"maria","category":"lead","platform":"simplePush"},{"id":"4028819340389edd014039606a5b000a","enabled":true,"deviceToken":"a22ee9a5-f454-4b6a-9129-b75f793b6f08","deviceType":null,"operatingSystem":null,"osVersion":null,"alias":null,"category":"broadcast","platform":"simplePush"},{"id":"4028819340389edd0140395c6b800007","enabled":true,"deviceToken":"d
@sebastienblanc
sebastienblanc / gist:6130323
Created August 1, 2013 10:48
12:40:52,847 INFO [org.jboss.aerogear.connectivity.service.sender.impl.SenderServiceImpl] (EJB default - 9) Processing 'selective send' request with 'SelectiveSendMessage [criterias=[aliases=[maria], deviceTypes=null, category=null, variants=null], simplePush=null, alert=A new lead has been created, sound=default, badge=-1, data={id=40, phone=sasasa, location=sasas, name=sasa, simple-push={lead=version=1}, messageType=pushed_lead}]' payload
@sebastienblanc
sebastienblanc / gist:6133102
Last active December 20, 2015 12:39

My app is using ag-sec and the @secure annotation.

Scenario: hitting secured endpoints without CORS (webapp deployed in the same domain)

When the user has not the role specified by @secure I got an exception, as expected https://gist.github.com/sebastienblanc/6134149

I assume it is because of this https://github.com/aerogear/aerogear-security/blob/master/src/main/java/org/jboss/aerogear/security/interceptor/SecurityInterceptor.java#L71 and perfect works as designed.

And without CORS, the server returns a nice 401 status to the client.

Testing in a CORS configuration (web client running under another domain)

Same scenario I'm hitting a secure role without having the role needed (BTW the OPTIONS preflights are handled without any errors).

@sebastienblanc
sebastienblanc / gist:6134149
Created August 1, 2013 18:53
18:40:13,347 ERROR [org.jboss.ejb3.invocation] (http--0.0.0.0-8080-4) JBAS014134: EJB Invocation failed on component LeadEndpoint for method public javax.ws.rs.core.Response org.jboss.aerogear.aerodoc.rest.LeadEndpoint.listAll(javax.servlet.http.HttpServletRequest): javax.ejb.EJBException: org.jboss.resteasy.spi.UnauthorizedException: Not authorized!
at org.jboss.as.ejb3.tx.CMTTxInterceptor.handleExceptionInOurTx(CMTTxInterceptor.java:166) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:230) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:304) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:190) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.j
@sebastienblanc
sebastienblanc / gist:6363478
Created August 28, 2013 08:19
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] bootstrap class path not set in conjunction with -source 1.6
/home/sebastien/aerogear/pushdemos/aerodoc/src/main/java/org/jboss/aerogear/aerodoc/model/entity/RoleTypeEntity.java:[22,38] error: package org.picketlink.idm.model.sample does not exist
[ERROR] /home/sebastien/aerogear/pushdemos/aerodoc/src/main/java/org/jboss/aerogear/aerodoc/model/entity/GroupTypeEntity.java:[22,38] error: package org.picketlink.idm.model.sample does not exist
[ERROR] /home/sebastien/aerogear/pushdemos/aerodoc/src/main/java/org/jboss/aerogear/aerodoc/model/entity/AccountTypeEntity.java:[22,38] error: package org.picketlink.idm.model.sample does not exist
[ERROR] /home/sebastien/aerogear/pushdemos/aerodoc/src/main/java/org/jboss/aerogear/aerodoc/model/entity/AccountTypeEntity.java:[23,38] error: package org.picketlink.idm.model.sample does not exist
[ERROR] /