Hi, I have developed an O-Auth 1.0 component using CXF 2.6.2. I am maintaining Client information in a database table along with the URLs to which the client has permissions. My data-provider reads these details and populates them in the pre-authorized token of the Client object and also in the scopes of the AccessToken object which it creates and returns.
Whenever the permission is a *, then the client is allowed access to the web-service. However, when the access is provided for a specific service URL, then CXF does not allow access by saying that the "client has no valid permissions" even though the permission for the URL is being read from the database and populated in the AccessToken object's scopes. I have tried with relative URL as well as absolute URL. My service URL looks like: http://localhost:8080/WebAppName/services/myservices/service1 - services is the URL pattern of the CXFServlet, myservices is the address of the JAX-RS server and service1 is the path of the class in which my web-service implementation is provided. I have tried with various combinations for the permission such as the whole URL or just /WebAppName/services/myservices/service1 or just /services/myservices/service1 Please let me know what I'm doing wrong here. Thanks, Mayank. -- View this message in context: http://cxf.547215.n5.nabble.com/URL-format-for-O-Auth-1-0-in-CXF-tp5720343.html Sent from the cxf-user mailing list archive at Nabble.com.
