Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Eclipse SmartHome » ESH + Authorisation + OPTIONS method(ESH is trying to authorise requests with HTTP OPTIONS method)
ESH + Authorisation + OPTIONS method [message #1794760] Thu, 06 September 2018 07:48 Go to next message
Bartosz Kowalczyk is currently offline Bartosz KowalczykFriend
Messages: 4
Registered: June 2018
Junior Member
Hello Dear ESH Community,

I am trying to run ESH along with authorisation mechanisms. I've launched required bundles such as:

org.eclipse.smarthome.io.rest.auth (0.10.0.qualifier) +
my modification of the JWT authorisation bundle.


My implementation works until a browser sends a request with HTTP OPTIONS method.

ESH should respond with acceptable methods without invoking authorisation mechanisms.

Instead, the authorisation mechanisms are invoked. Since this request is missing the Authorisation header, I am getting the following CORS error as a response:
Access to XMLHttpRequest (...) has been blocked by CORS policy: Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response.


Note that my ESH instance is configured to enable CORS in smarthome.cfg file.
# Uncomment to enable rest api CORS requests
org.eclipse.smarthome.cors:enable=true


Is there any bundle to overcome this problem or should I implement my own CORS handler to catch the OPTIONS HTTP preflights?

If so, where is the right spot to implement it and plug to the rest of the ESH?

Any advices, classes, interfaces names or code snippets are much appreciated.
Re: ESH + Authorisation + OPTIONS method [message #1794765 is a reply to message #1794760] Thu, 06 September 2018 08:32 Go to previous messageGo to next message
Kai Kreuzer is currently offline Kai KreuzerFriend
Messages: 658
Registered: December 2011
Senior Member
Hi Bartosz,

Note sure if you are aware that Lukasz is currently completely refactoring the authorisation support in ESH with https://github.com/eclipse/smarthome/pull/6034. I think the issue of OPTIONS requests being handled correctly should best be addressed within that PR - so feel free to test it and comment on it!

Regards,
Kai
Re: ESH + Authorisation + OPTIONS method [message #1794773 is a reply to message #1794765] Thu, 06 September 2018 10:35 Go to previous messageGo to next message
Bartosz Kowalczyk is currently offline Bartosz KowalczykFriend
Messages: 4
Registered: June 2018
Junior Member
I wasn't aware of this ongoing refactoring actions. Can you please provide me with the link to the issue ticket for that implementation? The link you provided does not work for me.
Re: ESH + Authorisation + OPTIONS method [message #1794774 is a reply to message #1794773] Thu, 06 September 2018 10:45 Go to previous message
Kai Kreuzer is currently offline Kai KreuzerFriend
Messages: 658
Registered: December 2011
Senior Member
Remove the "." at the end of the link (this forum accidentially adds that).
Previous Topic:New Prometheus Metrics bundle - Need help attaching to Pax logging
Next Topic:Receiving Items state
Goto Forum:
  


Current Time: Tue Sep 25 05:25:04 GMT 2018

Powered by FUDForum. Page generated in 0.06053 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top