Closed rpobulic closed 1 year ago
I made a successful fix in `aries_cloudagent/admin/server.py` in my local repo:

```python
# base wallet is not allowed to perform ssi related actions.
# Only multitenancy and general server actions
if (
    not authorization_header
    and not is_multitenancy_path
    and not is_server_path
    and not is_unprotected_path(path)
    and not base_limited_access_path
    and not (request.method == "OPTIONS")  # CORS fix
):
    raise web.HTTPUnauthorized()
```
Tested for several days, no problems. If this logic is OK, can it be fixed in main?
@TimoGlastra @ianco -- thoughts on this one? Should that be allowed?
Seems ok to me. @rpobulic can you provide a PR?
I am not a Python programmer, so I am not contributing to aca-py, thus I am not set up for providing a PR. Please, can you just copy that one line and make a PR?
FYI taking a look at this now ...
@rpobulic the fix is in the `main` branch
Works OK now, thank you!
On current main, similar to #1575, but while using multitenant. Log:

Handler error with exception: Unauthorized
10.0.0.231 [26/Oct/2022:10:03:31 +0000] "OPTIONS /connections HTTP/1.1" 401 178 "https://...
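
A simplified, stand-alone model of the check discussed in this issue, added here as an example (it is not ACA-Py's own code; the path lists, the `gate` and `matrix` helpers and the sample requests are assumptions). It shows why a browser preflight, which carries no `Authorization` header, was answered with 401 before the change, and that the exemption leaves other unauthenticated methods rejected.

```python
# Added example: simplified model of the admin-server authorization gate.
# Path lists are assumptions for illustration, not ACA-Py's real route tables.
MULTITENANCY_PREFIX = "/multitenancy"      # assumed
SERVER_PATHS = {"/status", "/shutdown"}    # assumed
UNPROTECTED_PATHS = {"/api/doc"}           # assumed


def is_unprotected_path(path):
    return path in UNPROTECTED_PATHS


def gate(method, path, headers, exempt_options):
    """Return 401 if the gate rejects the request, 200 if it passes it on."""
    authorization_header = headers.get("Authorization")
    is_multitenancy_path = path.startswith(MULTITENANCY_PREFIX)
    is_server_path = path in SERVER_PATHS
    base_limited_access_path = False  # not modelled in this example
    if (
        not authorization_header
        and not is_multitenancy_path
        and not is_server_path
        and not is_unprotected_path(path)
        and not base_limited_access_path
        and not (exempt_options and method == "OPTIONS")
    ):
        return 401
    return 200


# Constructed requests. A CORS preflight never carries credentials, so it has
# no Authorization header even when the real request that follows will.
PREFLIGHT = ("OPTIONS", "/connections", {
    "Origin": "https://wallet-ui.example",
    "Access-Control-Request-Method": "GET",
    "Access-Control-Request-Headers": "authorization",
})
ANON_GET = ("GET", "/connections", {"Origin": "https://wallet-ui.example"})
TENANT_GET = ("GET", "/connections", {"Authorization": "Bearer <tenant-token>"})


def matrix(exempt_options):
    """Status per constructed request, with or without the OPTIONS exemption."""
    cases = {"preflight": PREFLIGHT, "anon_get": ANON_GET, "tenant_get": TENANT_GET}
    return {name: gate(*req, exempt_options) for name, req in cases.items()}


if __name__ == "__main__":
    print("before:", matrix(False))  # preflight rejected, browser blocks the call
    print("after: ", matrix(True))   # preflight passes, anonymous GET still 401
```

The exemption is only as safe as the `OPTIONS` handling behind it: this sketch assumes `OPTIONS` is answered by the CORS layer and that no route performs wallet actions for that method.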