Hello! I know this is an old post, but did you find a solution for your problem? I'm facing the exact same issue.
I'm getting desperate as I can't find a solution anywhere. On Wednesday, 2 August 2017 12:12:04 UTC-3, [email protected] wrote: > > Hi, > > My dropwizard has been setup with Shiro for authentication. I am currently > sending requests from a different port to my dropwizard service but I get a > *HTTP > 401 Unauthorized status error.* > > My dropwizard application is hosted on > http://localhost:8199/api/konak/orders and my angular application is > being launched from http://localhost:4200 > > Below are some details regarding my setup. Please let me know if you need > any further information. > > > *HTTP Request-Response where I get 401 Unauthorized error* > > *General* > > Request URL:http://localhost:8199/api/konak/reconciliations > Request Method:GET > Status Code:401 Unauthorized > Remote Address:[::1]:8199 > Referrer Policy:no-referrer-when-downgrade > > *Request Headers* > > Content-Length:0 > Date:Wed, 02 Aug 2017 13:17:49 GMT > WWW-Authenticate:BASIC realm="application" > > *Request Headers* > > Accept:application/json, text/plain, */* > Accept-Encoding:gzip, deflate, br > Accept-Language:en-GB,en-US;q=0.8,en;q=0.6 > Connection:keep-alive > Host:localhost:8199 > Origin:http://localhost:4200 > Referer:http://localhost:4200/konak-dashboard > User-Agent:Mozilla/5.0 > <http://localhost:4200/konak-dashboardUser-Agent:Mozilla/5.0> (Windows NT > 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.78 > Safari/537.3 > > > *Below is my shiro.ini file. * > > l# Use SSO > contextFactory = org.apache.shiro.realm.ldap.JndiLdapContextFactory > contextFactory.url = ldap://<hidden-ldap-config> > contextFactory.systemUsername = svc-gitlab > contextFactory.systemPassword = xxxxxxxxxxxx > > ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm > ldapRealm.userDnTemplate = {0}<@company.domain> > ldapRealm.contextFactory = $contextFactory > > allowAllCredentialsMatcher=org.apache.shiro.authc.credential.AllowAllCredentialsMatcher > > authenticationStrategy = org.apache.shiro.authc.pam.AllSuccessfulStrategy > securityManager.authenticator.authenticationStrategy = $authenticationStrategy > > waffleRealmSSO = waffle.shiro.negotiate.NegotiateAuthenticationRealm > waffleUserPass = waffle.shiro.GroupMappingWaffleRealm > waffleFilter = waffle.shiro.negotiate.NegotiateAuthenticationFilter > > securityManager.realms= $waffleRealmSSO, $ldapRealm > > # Use the configured native session manager: > sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager > securityManager.sessionManager = $sessionManager > # the following call is only necessary in a web-configured ShiroFilter > (otherwise > # a native session manager is already enabled): > securityManager.sessionMode = native > > # cookie for single sign on > cookie = org.apache.shiro.web.servlet.SimpleCookiecookie.name = SSOcookie > cookie.path = / > securityManager.sessionManager.sessionIdCookie = $cookie > > authcStrategy = waffle.shiro.negotiate.NegotiateAuthenticationStrategy > securityManager.authenticator.authenticationStrategy = $authcStrategy > > [urls] > /** = port[8199], authcBasic, noSessionCreation > > > > *CORS Filter* > > I have setup my CORS filter as follows in my dropwizard application > > private void enableCorsHeaders(Environment env) { > final FilterRegistration.Dynamic corsFilter = > env.servlets().addFilter("CrossOriginFilter", CrossOriginFilter.class); > > corsFilter.setInitParameter("Access-Header", "true"); > corsFilter.setInitParameter("Access-Control-Allow-Credentials", > "true"); > corsFilter.setInitParameter("Access-Control-Allow-Origin", > "http://localhost:4200";); > corsFilter.setInitParameter("Access-Control-Allow-Headers", "Origin, > X-Requested-With, Content-Type, Accept, Access-Control-Request-Headers, > Access-Control-Request-Method, Cache-Control, Pragma, Expires"); > corsFilter.setInitParameter("Access-Control-Allow-Methods\" ", > "OPTIONS,GET,PUT,POST,DELETE,HEAD"); > corsFilter.setInitParameter("allowedOrigins", "*"); > corsFilter.setInitParameter("allowedHeaders", > "X-Requested-With,Content-Type,Accept,Origin"); > corsFilter.setInitParameter("allowedMethods", > "OPTIONS,GET,PUT,POST,DELETE,HEAD"); > corsFilter.setInitParameter(CrossOriginFilter.CHAIN_PREFLIGHT_PARAM, > Boolean.FALSE.toString()); > > // Add URL mapping > > corsFilter.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), true, > "/*"); > } > > -- You received this message because you are subscribed to the Google Groups "dropwizard-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
