DOORS DXL RTC Login

We recently moved over to using IBM RTC, now when opening a module and view with external RTC links we get the OAuth prompt to log into RTC before proceeding. This really hasn't been a problem until recently I was was instructed to create a DXL script that would do a nightly export of a module with a view that contains external RTC links. When I attempt to open the module and view via DXL I continue to get the OAuth prompt.

After reading a bunch of random online forums,  I ventured down the  rabbit hole using DXL but didn't succeed ... I continue to get the OAuth prompt. I am curious if any others have run into this and have had any luck or any type of workaround? Below is definitely a work in progress, but what I cam up with so far.

void rtcLogin(string aUrl, aUserid, aPassword){

  HttpBody   lBody   = create()
  HttpHeader lGetHeader = create()
  HttpHeader lPostHeader = create()
  
  string lError = null
  HttpResponse lResponse = null
  
  add(lGetHeader, "Accept", "text/xml")
  add(lGetHeader, "OSLC-Core-Version", "2.0")
  add(lGetHeader, "Content-Type", "application/rdf+xml")
  lError = HttpRequest(HttpGet, aUrl "/auth/authrequired", lBody, lGetHeader, lResponse)
  if(!null lError) print lError "\n"
  
  add(lPostHeader, "Accept", "text/xml")
  add(lPostHeader, "OSLC-Core-Version", "2.0")
  add(lPostHeader, "Content-Type", "application/x-www-form-urlencoded")
  Buffer lBuf = create()
  lBuf = "?&j_username=" aUserid "&j_password=" aPassword
  setValue(lBody, lBuf)
  lError = HttpRequest(HttpPost, aUrl "/authenticated/j_security_check", lBody, lPostHeader, lResponse)
  if(!null lError) print lError "\n"
  
  delete lBuf
  delete lBody
  delete lResponse
  delete lGetHeader
  delete lPostHeader
}

Re: DOORS DXL RTC Login
Mathias Mamsch - Mon Feb 26 14:17:02 EST 2018

It seems wrong how you pass the auth parameters. If you send the authentication data inside the body then you must not pass "?&" at the start of the parameters. 

So try: 

lBuf = "j_username=" aUserid "&j_password=" aPassword "\r\n"

and make sure that you correctly escape all special characters (e.g. ampersand, etc.) inside the password according to RFC1738. 

Maybe that helps. Afterwards you probably need to store the session data that you get from the server (cookie, headers, jwt, etc.) and include it on further requests. You may have this problem too between your first request and your second request. 

Regards, Mathias

Re: DOORS DXL RTC Login
davidcs - Tue Feb 27 09:38:23 EST 2018

lBuf = "j_username=" aUserid "&j_password=" aPassword "\r\n"

Thanks for the response Mathias. I tried your recommendation but still get the OAuth pop-up window when I POST the form data. Looking into this a little more you may be correct in that I may need to manage the session data in the requests. Unfortunately, I'm not an expert on how to handle RTC cookies so I'm not sure at this point what data needs to be returned to the RTC server.

There is quite a bit of information for authenticating through RTC in other programming languages so I think doing it through DXL is possible but may take a little research. If I figure anything out I will make sure to update this post.

Re: DOORS DXL RTC Login
Romain_Barth - Fri Feb 15 09:46:33 EST 2019

Hi,

Just coding the POST to /authenticated/j_security_check is not enough.

You have to code a full Oauth authentication... I don't really think it is possible in DXL or if it is it will be really painful... If you manage to do it: BRAVO, I really would like to get that code...

Here is a sample in Python that can help for the logic:

http://www.lexev.org/en/2015/oauth-step-step/

The URLs for your RTC setup can be found at https://your_rtc_host:your_port/ccm/rootservices

Good luck