When I hit the URL fro my Chrome session I'm getting a 404:
1. Remote Address: xxx.xxx.xxx.xxx 2. Request URL: http://socrates.johandoornenbal.eu.cloudbees.net/restful/services/Parties/actions/allParties/invoke 3. Request Method: GET 4. Status Code: 404 Not Found 5. Request Headersview source 1. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 2. Accept-Encoding: gzip,deflate,sdch 3. Accept-Language: en-US,en;q=0.8,it;q=0.6 4. Cache-Control: max-age=0 5. Connection: keep-alive 6. Cookie: JSESSIONID=xxxxxxxxxxxxxxx 7. DNT: 1 8. Host: socrates.johandoornenbal.eu.cloudbees.net 9. User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36 10. X-WELFARE_ORG: SDCC 6. Response Headersview source 1. Connection: keep-alive 2. Content-Length: 0 3. Content-Type: application/json 4. Date: Tue, 02 Sep 2014 16:11:21 GMT 5. Server: nginx/1.4.2 6. Warning: 199 RestfulObjects action 'allParties' either does not exist or is not visible Perhaps the CORS error is masking a 404? ~~~ As to why you are getting a 404, I think it might be security. In the web.xml we have: <filter-name>IsisSessionFilterForRestfulObjects</filter-name> <filter-class> org.apache.isis.core.webapp.IsisSessionFilter</filter-class> <!-- authentication required for REST --> <init-param> <param-name> authenticationSessionStrategy</param-name> <param-value> org.apache.isis.viewer.restfulobjects.server.authentication.AuthenticationSessionStrategyTrusted </param-value> ... In fact, that still sets up a session with a username, the username being hard coded to "exploration". However, Shiro authorization is still configured (in the isis.properties) file. In the shiro.ini there is no permissions for the "exploration" user: [users] sven = pass, admin_role dick = pass, user_role, self-install_role bob = pass, user_role, self-install_role joe = pass, user_role, self-install_role guest = guest, user_role [roles] # role = perm1, perm2, perm3, ... # perm in format: packageName:className:memberName:r,w user_role = *:ToDoItemsJdo:*:*,\ *:ToDoItem:*:* self-install_role = *:ToDoItemsFixturesService:install:* admin_role = * So you could probably get things going by adding "exploration = pass, admin_role" in the [users] section. An alternative would be to switch off Shiro by updating isis.properties to use "bypass" authorization mechanism instead (basically a no-op: isis.authorization=bypass Let me know if that helps at all... Dan On 2 September 2014 17:05, <[email protected]> wrote: > When connecting to REST Api I get this message: > > > > XMLHttpRequest cannot load > http://socrates.johandoornenbal.eu.cloudbees.net/restful/services/Parties/actions/allParties/invoke. > No 'Access-Control-Allow-Origin' header is present on the requested > resource. Origin 'http://localhost:8000' is therefore not allowed access. > > > > While > > > > http://socrates.johandoornenbal.eu.cloudbees.net/restful/services/Parties > > is working. > > > > Can someone explain me what is going on? Is this a filtersetting > in web.xml or ...? Or has this to do with identification (I am > using > org.apache.isis.viewer.restfulobjects.server.authentication.AuthenticationSessionStrategyTrusted > in web.xml) > >
