By: Emma Lee user 11 May 2017 at 9:10 a.m. CDT

6 Responses
Emma Lee gravatar
Hi, I tried to deploy this project https://github.com/GluuFederation/oxUmaDemo to my own server and connect it to my own GLUU server (it needs to connect to GLUU, not to OXD, right ?). The scopes and resources were registered successfully, also I created the clients for the RP and RS manually, but I have several errors: - a Warning when the RP and RS services starts. Any idea what this means? ``` 2017-05-11 11:50:58,962 INFO [org.xdi.uma.demo.rp.server.Configuration] RS configuration loaded successfully. 2017-05-11 11:51:01,798 WARN [org.apache.http.client.protocol.ResponseProcessCookies] Cookie rejected: "[version: 0][name: JSESSIONID][value: 1vrai6jcp3yzu1dcsbx86ehpy5][domain: ec2.us-west-2.compute.amazonaws.com][path: /oxauth][expiry: null]". Illegal path attribute "/oxauth". Path of origin: "/.well-known/uma-configuration" ``` - In the RS, I get the message **"cannot obtain PAT token"** but the error is not very helpful: http://myserver:8080/oxuma-rs/rs.html - Error in the RP: http://myserver:8090/oxuma-rp/rp.html ``` 2017-05-11 13:57:27,063 DEBUG [org.xdi.uma.demo.rp.server.PhoneService] Try to add phone number: 5555555 2017-05-11 13:57:27,094 DEBUG [org.xdi.uma.demo.rp.server.PhoneService] **Authorization is possible only if status is FORBIDDEN. Response status: Internal Server Error message: Error status 500 Internal Server Error returned** 2017-05-11 13:57:27,094 DEBUG [org.xdi.uma.demo.rp.server.PhoneService] Failed to authorize RPT. 2017-05-11 13:57:59,294 DEBUG [org.xdi.uma.demo.rp.server.RpServlet] Call RS without RPT... ``` Also, I saw that you have another demo on github https://github.com/GluuFederation/api-uma-demo, but there the python script is missing. Thanks a lot.

By Aliaksandr Samuseu staff 11 May 2017 at 10:36 a.m. CDT

Aliaksandr Samuseu gravatar
Hi, Emma. Sorry, had to correct your post a bit to make it more easy to read for all. May I ask how you got references to those demos? If it's not in our current docs chances are they are outdated and not tested properly. >I tried to deploy this project https://github.com/GluuFederation/oxUmaDemo to my own server and connect it to my own GLUU server (it needs to connect to GLUU, not to OXD, right ?) The app should be run on the same host where oxd server is installed to be able to utilize it as a mediator for OIDC and UMA flows, by design. You are expected to access some protected part of the app which should trigger UMA flow involving some redirections to Gluu instance, and in the end you should be returned to the app and access the resource (if you are authorized) - that's the general idea. Could you also provide contents of your `/opt/oxd-server/conf` directory? Please note that there is sensitive license data in `oxd-conf.json`, so you need to sanitize it before sharing as this is publicly visible ticket.

By Emma Lee user 11 May 2017 at 3:08 p.m. CDT

Emma Lee gravatar
Hi, Thank you for your answer. I have found this demo ([https://github.com/GluuFederation/oxUmaDemo](https://github.com/GluuFederation/oxUmaDemo)) by checking this youtube video. [https://youtu.be/zVdUFcEAwPU](https://youtu.be/zVdUFcEAwPU) I am aware that it is a bit outdated but I was hoping that it still works. To me it looks like this demo is supposed to work directly with GLUU, without OXD in between, but I am not sure. In the readme of the project it is mentioned "CE server", which I guess is Gluu Community Edition and not OXD. Can you please confirm? Later edit: it seems that the demo works fine if I open it in a new incognito window, so most of my errors were related to cached cookie. But I still have 2 issues: 1. I still get the error that PAT token cannot be obtained. 2. When I open the Resource Server and the Requesting Party again in my browser in incognito mode, the resources are again registered in Gluu, even if they were already registered. Is there a way to delete UMA resources from GLUU oxauth interface ? Thanks !

By Michael Schwartz Account Admin 11 May 2017 at 7:35 p.m. CDT

Michael Schwartz gravatar
Sorry, this app is a little old. Dog years are 1:70 and UMA years are 1:70... I think since that time UMA might have gone from 1.0 to 1.01. And right now we're working on UMA 2.0 (which is expected to be the final stable version). oxd is certainly not needed, but it is the mechanism that's easiest for us to support, and also guaranteed to be current in version. The other reason we recommend oxd is that it will shield your application from the coming 1.01 --> 2.0 UMA update. With some effort, the sample app could be modified to work. But it's not something we support on these forums.

By Emma Lee user 12 May 2017 at 4:08 a.m. CDT

Emma Lee gravatar
Thanks Michael ! Then I will give up on this one, and will try to build something using OXD and these libraries: https://gluu.org/docs/oxd/libraries

By Aliaksandr Samuseu staff 12 May 2017 at 9:04 a.m. CDT

Aliaksandr Samuseu gravatar
Hi, Emma. Michael is correct, my bad - this one demo doesn't need oxd server. Still, it seems you will need to find some other solution.

By Emma Lee user 12 May 2017 at 9:33 a.m. CDT

Emma Lee gravatar
Thanks, closing the ticket.