By: Reza Soltani user 01 May 2015 at 11:12 a.m. CDT

1 Response
Reza Soltani gravatar
I am trying to replicate the environment demoed on I have oxAuth running properly on a remote CentOS server. I have obtained the ResourceServer and RequestingParty maven projects from the Gluu repository. The projects run locally on Eclipse, on a Tomcat 7 server. During the execution of the ResourceServer.. the RS is able to obtain its PAT. But when it tries to make changes to resource set using the following request, it receives a 404 error from oxAuth: 2015-04-29 16:04:15,301 DEBUG [org.apache.http.headers] >> PUT /oxauth/seam/resource/restv1/host/rsrc/resource_set/resource_set/1430337855139 HTTP/1.1 2015-04-29 16:04:15,301 DEBUG [org.apache.http.headers] >> Authorization: Bearer 1234567-1234-111-1231-12345667 2015-04-29 16:04:15,301 DEBUG [org.apache.http.headers] >> Accept: application/json 2015-04-29 16:04:15,301 DEBUG [org.apache.http.headers] >> Accept-Encoding: gzip, deflate 2015-04-29 16:04:15,301 DEBUG [org.apache.http.headers] >> Content-Length: 284 2015-04-29 16:04:15,301 DEBUG [org.apache.http.headers] >> Content-Type: application/json 2015-04-29 16:04:15,301 DEBUG [org.apache.http.headers] >> Host: 2015-04-29 16:04:15,301 DEBUG [org.apache.http.headers] >> Connection: Keep-Alive 2015-04-29 16:04:15,302 DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.2.2 (java 1.5) 2015-04-29 16:04:15,302 DEBUG [org.apache.http.wire] >> "{"name":"Gluu phones","icon_uri":null,"scopes":["http://localhost:8000/oxuma-rs/ws/scope/view","http://localhost:8000/oxuma-rs/ws/scope/edit","http://localhost:8000/oxuma-rs/ws/scope/add","http://localhost:8000/oxuma-rs/ws/scope/remove","http://localhost:8000/oxuma-rs/ws/scope/all"]}" 2015-04-29 16:04:15,324 DEBUG [org.apache.http.wire] << "HTTP/1.1 404 Not Found[\r][\n]" 2015-04-29 16:04:15,324 DEBUG [org.apache.http.wire] << "Date: Wed, 29 Apr 2015 19:59:48 GMT[\r][\n]" 2015-04-29 16:04:15,324 DEBUG [org.apache.http.wire] << "Content-Type: text/html;charset=utf-8[\r][\n]" 2015-04-29 16:04:15,324 DEBUG [org.apache.http.wire] << "Content-Language: en[\r][\n]" 2015-04-29 16:04:15,324 DEBUG [org.apache.http.wire] << "Content-Length: 1379[\r][\n]" 2015-04-29 16:04:15,325 DEBUG [org.apache.http.wire] << "Set-Cookie: JSESSIONID=785C29224F39EC31FFFED6B8167123456; Path=/oxauth/; Secure; HttpOnly;HttpOnly[\r][\n]" 2015-04-29 16:04:15,325 DEBUG [org.apache.http.wire] << "Connection: close[\r][\n]" 2015-04-29 16:04:15,325 DEBUG [org.apache.http.wire] << "[\r][\n]" Going through the logs I noticed that the term resource_set/ is repeated twice in the URL. Removing one of them and making the request again returns the following JSON from the oxAuth server: {"error":"invalid_client_scope","error_description":"The requested scope is invalid, unknown, or malformed."} What is wrong with this process? should there be two resource_sets/ in the URL? and Other than adding the ResourceServer to the Gluu server as a Client, do I have to add any resource sets or policies too for the above request to work? Note: At the moment I have added: '' and 'uma_protection' both as the scopes of the ResourceServer client within the Gluu server.

By Michael Schwartz Account Admin 01 May 2015 at 11:28 a.m. CDT

Michael Schwartz gravatar
I hate to do this to you Reza, but we just released 2.2, and you should update. There are breaking changes with UMA .9. If you still see this problem, please open another issue.