Hi, It is not safe to send credentials in a http request (login), I think we need to update the docs to use https.
On Fri, Sep 11, 2015 at 9:41 AM, Nuwan Dias <[email protected]> wrote: > They run on HTTPS only. If you send an http request, it automatically > redirects to https. > > On Fri, Sep 11, 2015 at 8:46 AM, Udara Liyanage <[email protected]> wrote: > >> Hi, >> >> I could create APIs by changing to port 9443 and protocol to HTTPS. >> However why does REST APIs runs on HTTP? >> >> curl -X POST -c cookies >> https://localhost:9443/publisher/site/blocks/user/login/ajax/login.jag >> -d 'action=login&username=admin&password=admin' -k >> >> >> curl -b cookies -k >> https://localhost:9443/publisher/site/blocks/item-add/ajax/add.jag -d >> "action=addAPI&name=PhoneVerification&context=/phoneverify&version=1.0.0&visibility=public&thumbUrl=&description=Verify >> a phone >> number&tags=phone,mobile,multimedia&endpointType=nonsecured&wsdl=&wadl=&tiersCollection=Gold,Bronze&http_checked=http&https_checked=https&resourceCount=0&resourceMethod-0=GET&resourceMethodAuthType-0=Application&resourceMethodThrottlingTier-0=Unlimited&uriTemplate-0=/*&default_version_checked=default_version&bizOwner=xx&bizOwnerMail= >> [email protected]&techOwner=xx&[email protected]" >> -d'endpoint_config={"production_endpoints":{"url":" >> http://ws.cdyne.com/phoneverify/phoneverify.asmx","config":null},"endpoint_type":"http >> "}'; >> >> On Fri, Sep 11, 2015 at 4:18 AM, Udara Liyanage <[email protected]> wrote: >> >>> Hi, >>> >>> I got this error while trying the sample Add API command mentioned in >>> the doc <https://docs.wso2.com/display/AM190/Publisher+APIs>. No >>> backend error is displayed, any idea? >>> >>> >>> $ curl -X POST -c cookies >>> http://localhost:9763/publisher/site/blocks/user/login/ajax/login.jag >>> -d 'action=login&username=admin&password=admin' >>> {"error" : false} >>> >>> >>> $ curl -X POST -b cookies >>> http://localhost:9763/publisher/site/blocks/item-add/ajax/add.jag -d >>> "action=addAPI&name=PhoneVerification&context=/phoneverify&version=1.0.0&visibility=public&thumbUrl=&description=Verify >>> a phone >>> number&tags=phone,mobile,multimedia&endpointType=nonsecured&tiersCollection=Gold,Bronze&http_checked=http&https_checked=https&resourceCount=0&resourceMethod-0=GET&resourceMethodAuthType-0=Application&resourceMethodThrottlingTier-0=Unlimited&uriTemplate-0=/*&default_version_checked=default_version&bizOwner=xx&bizOwnerMail= >>> [email protected]&techOwner=xx&[email protected]" >>> -d'endpoint_config={"production_endpoints":{"url":" >>> http://ws.cdyne.com/phoneverify/phoneverify.asmx >>> ","config":null},"endpoint_type":"http"}'; >>> {"error" : true, "message" : "*timeout*"} >>> >>> -- >>> >>> Udara Liyanage >>> Software Engineer >>> WSO2, Inc.: http://wso2.com >>> lean. enterprise. middleware >>> >>> web: http://udaraliyanage.wordpress.com >>> phone: +94 71 443 6897 >>> >> >> >> >> -- >> >> Udara Liyanage >> Software Engineer >> WSO2, Inc.: http://wso2.com >> lean. enterprise. middleware >> >> web: http://udaraliyanage.wordpress.com >> phone: +94 71 443 6897 >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Nuwan Dias > > Technical Lead - WSO2, Inc. http://wso2.com > email : [email protected] > Phone : +94 777 775 729 > -- Udara Liyanage Software Engineer WSO2, Inc.: http://wso2.com lean. enterprise. middleware web: http://udaraliyanage.wordpress.com phone: +94 71 443 6897
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
