Access Forbidden (403) error using Bitnami in AWS


#1

Hi,

I just recently set up DreamFactory 2.0 in AWS using Bitnami. I have set up my service for my AWS RDS, which works well when accessing data through the Data tab.

So I wanted to test the API using Advanced Rest Client in Google Chrome. I was able to authenticate fine. I got my Session Token. Now when I try to do an HTTP GET (http://url/api/v2/mydb/_table/my_table) using the API Key and Session Token for headers X-DreamFactory-Application-Name and X-DreamFactory-Session-Token respectively, I am getting the following error:

{“error”:{“context”:null,“message”:“Access Forbidden.”,“code”:403,“trace”:[“0 [internal function]: DreamFactory\Http\Middleware\AccessCheck->handle(Object(Illuminate\Http\Request), Object(Closure))”,“1 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9545): call_user_func_array(Array, Array)”,“2 [internal function]: Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“3 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9535): call_user_func(Object(Closure), Object(Illuminate\Http\Request))”,“4 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(8892): Illuminate\Pipeline\Pipeline->then(Object(Closure))”,“5 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(8877): Illuminate\Routing\ControllerDispatcher->callWithinStack(Object(DreamFactory\Http\Controllers\RestController), Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request), ‘handleGET’)”,“6 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(7831): Illuminate\Routing\ControllerDispatcher->dispatch(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request), ‘DreamFactory\\Ht…’, ‘handleGET’)”,“7 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(7802): Illuminate\Routing\Route->runWithCustomDispatcher(Object(Illuminate\Http\Request))”,“8 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(7455): Illuminate\Routing\Route->run(Object(Illuminate\Http\Request))”,“9 [internal function]: Illuminate\Routing\Router->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))”,“10 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9553): call_user_func(Object(Closure), Object(Illuminate\Http\Request))”,“11 [internal function]: Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“12 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9535): call_user_func(Object(Closure), 
Object(Illuminate\Http\Request))”,“13 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(7456): Illuminate\Pipeline\Pipeline->then(Object(Closure))”,“14 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(7444): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))”,“15 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(7429): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))”,“16 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(2304): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))”,“17 [internal function]: Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))”,“18 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9553): call_user_func(Object(Closure), Object(Illuminate\Http\Request))”,“19 /opt/bitnami/apps/dreamfactory/htdocs/vendor/barryvdh/laravel-cors/src/HandleCors.php(43): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“20 [internal function]: Barryvdh\Cors\HandleCors->handle(Object(Illuminate\Http\Request), Object(Closure))”,“21 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9545): call_user_func_array(Array, Array)”,“22 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(17932): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“23 [internal function]: DreamFactory\Http\Middleware\FirstUserCheck->handle(Object(Illuminate\Http\Request), Object(Closure))”,“24 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9545): call_user_func_array(Array, Array)”,“25 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(12881): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“26 [internal function]: 
Illuminate\View\Middleware\ShareErrorsFromSession->handle(Object(Illuminate\Http\Request), Object(Closure))”,“27 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9545): call_user_func_array(Array, Array)”,“28 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(11504): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“29 [internal function]: Illuminate\Session\Middleware\StartSession->handle(Object(Illuminate\Http\Request), Object(Closure))”,“30 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9545): call_user_func_array(Array, Array)”,“31 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(12622): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“32 [internal function]: Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))”,“33 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9545): call_user_func_array(Array, Array)”,“34 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(12561): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“35 [internal function]: Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))”,“36 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9545): call_user_func_array(Array, Array)”,“37 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(2978): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“38 [internal function]: Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))”,“39 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9545): call_user_func_array(Array, Array)”,“40 [internal function]: 
Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))”,“41 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(9535): call_user_func(Object(Closure), Object(Illuminate\Http\Request))”,“42 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(2251): Illuminate\Pipeline\Pipeline->then(Object(Closure))”,“43 /opt/bitnami/apps/dreamfactory/htdocs/bootstrap/cache/compiled.php(2234): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))”,“44 /opt/bitnami/apps/dreamfactory/htdocs/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))”,“45 {main}”]}}

I have my role set up with access to All services and All methods. I have assigned this role to my user and application. However, I still get this error.

Is there anything I missed?

Regards,
Allen


#2

Hi @allensandiego, have you set the CORS?

You need not be as permissive as the example above, but should include GET *


#3

Hi,

I tried as you suggested. Created an entry in CORS using the same values as in your screenshot. Re-authenticated and then tried to execute an HTTP GET using the new Token… Unfortunately I’m still getting the same error.

One thing I noticed though is that in the CORS settings, every time I select the CORS entry that I created and click Update, the List Box goes right back to “–Select CORS Entry–” and not the “*”. Not sure if this is the standard behavior.


#4

X-DreamFactory-Application-Name is deprecated in 2.0.
The header is X-DreamFactory-API-Key.

See: http://wiki.dreamfactory.com/DreamFactory/Common-Headers-Parameters for reference


#5

This behavior is here too, and seems to be just a small bug in the interface. The configuration is saved correctly.


#6

This seems to have fixed the problem.

I also noticed that no headers are required when posting to /user/session. Initially I had X-DreamFactory-Application-Name added and was able to authenticate so I assumed that the header is okay.

Thanks for the tip.
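
Added example (not part of the thread and not DreamFactory code): a small Python pre-flight check for the failure mode resolved above, where the deprecated header was attached to a login that needs no headers, so the login's success hid the fact that data requests carried no API key. The full login path `/api/v2/user/session`, the function name and the finding codes are assumptions made for illustration; key and token values are placeholders.

```python
API_KEY = "X-DreamFactory-API-Key"
SESSION_TOKEN = "X-DreamFactory-Session-Token"
DEPRECATED = "X-DreamFactory-Application-Name"  # deprecated in 2.0 (post #4)
LOGIN_PATH = "/api/v2/user/session"  # assumed full path of the /user/session endpoint

MESSAGES = {
    "deprecated-header": f"{DEPRECATED} is deprecated in 2.0; send the key as {API_KEY}",
    "missing-api-key": f"data request carries no {API_KEY} header",
    "login-proves-nothing": "login needs no headers, so its success does not validate them",
}


def lint_request(method, path, headers):
    """Return finding codes for one request (method, URL path, header dict)."""
    # HTTP header names are case-insensitive; a blank value counts as not sent.
    sent = {name.lower() for name, value in headers.items() if str(value).strip()}
    findings = []
    if DEPRECATED.lower() in sent:
        findings.append("deprecated-header")
    if method.upper() == "POST" and path.rstrip("/") == LOGIN_PATH:
        # Post #6: /user/session accepts the call with no headers at all, so a
        # successful login says nothing about any key header that was attached.
        if sent & {DEPRECATED.lower(), API_KEY.lower()}:
            findings.append("login-proves-nothing")
        return findings
    if API_KEY.lower() not in sent:
        findings.append("missing-api-key")
    return findings


if __name__ == "__main__":
    # Constructed sample requests mirroring the thread; values are placeholders.
    samples = [
        ("POST", "/api/v2/user/session", {DEPRECATED: "APP_KEY_PLACEHOLDER"}),
        ("GET", "/api/v2/mydb/_table/my_table",
         {DEPRECATED: "APP_KEY_PLACEHOLDER", SESSION_TOKEN: "TOKEN_PLACEHOLDER"}),
        ("GET", "/api/v2/mydb/_table/my_table",
         {"x-dreamfactory-api-key": "APP_KEY_PLACEHOLDER", SESSION_TOKEN: "TOKEN_PLACEHOLDER"}),
    ]
    for method, path, headers in samples:
        codes = lint_request(method, path, headers)
        print(method, path, "->", codes or "ok")
        for code in codes:
            print("   ", MESSAGES[code])
```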