Hi Girish,
i did a quit check using flutter test this morning and it looks like it
is working fine.
for people interested in using flutter(http://flutter.dev) with ofbiz:
the test:
https://github.com/growerp/growerp/blob/master/test/services/ofbiz_testManual.dart
if you want to run you need to install the growerp plugin into
ofbiz: https://github.com/growerp/growerp-ofbiz
Thank you Girish for this enhancement and keep up the good work!
Regards,
Hans Bakker
http://www.antwebsystems.com
On 9/26/20 4:05 PM, Girish Vasmatkar wrote:
Hello Hans
With the latest commi1361c3c
<https://github.com/apache/ofbiz-plugins/commit/1361c3cdaf7d6756cc9abdc6c37450ef3d46f921> on
trunk, the system now honours the "auth" attribute defined on service
and accordingly bypasses authorization for such services.
Best,
Girish
On Thu, Sep 10, 2020 at 5:46 PM Hans Bakker
<h.bak...@antwebsystems.com <mailto:h.bak...@antwebsystems.com>> wrote:
Thank you Girish,
look forward to your updates of this excellent and much needed
addition to OFBiz.
Regars
Hans
www.antwebsystems.com <http://www.antwebsystems.com>
On 9/10/20 3:27 PM, Girish Vasmatkar wrote:
Thanks Hans, I will plan to include this change for the
exportable services as well.
There is also OFBIZ-11995, where more RESTFul resources can be
declared (development is undergoing) and bound to services where
I had planned to include declarative authentication.
*
*
Best Regards,
Girish Vasmatkar
HotWax Systems
On Thu, Sep 10, 2020 at 12:08 PM Hans Bakker
<h.bak...@antwebsystems.com <mailto:h.bak...@antwebsystems.com>>
wrote:
Hi Girish,
how about ecommerce? you want to show the products without
logging in,
actually all information on the ecommerce frontend?
so yes, really required.....
regards,
Hans
On 9/10/20 12:37 PM, Girish Vasmatkar wrote:
> Every REST endpoint, as it is implemented now, is secured
by default. I had
> not thought of a scenario where internal OFBiz services
will need to be
> invoked without authentication (externally)
>
> Yes, the services themselves can be specified to NOT
require auth but I had
> always thought that was applicable within internal
execution. I may be
> wrong here, so please correct me.
>
> auth and login-required are not taken into account yet, but
can certainly
> be, if some exportable services should be exposed as public
APIs.
>
> Best Regards,
> Girish Vasmatkar
> HotWax Systems
>
>
>
> On Thu, Sep 10, 2020 at 5:55 AM Hans Bakker
<h.bak...@antwebsystems.com <mailto:h.bak...@antwebsystems.com>>
> wrote:
>
>> Hi, Girish,
>>
>> thanks again for your last reply it defenity helped,
however i have
>> another question.
>>
>> I need to access certain services publicly without a token.
>>
>> I have put auth="false" on the service definition and
>> login-required="false" on the simple-method implementation
>>
>> still i get a 401 response.
>>
>> any suggestions?
>>
>> Regards,
>>
>> Hans
>>
>>