What authentication method to access RRC through a (default) JAVA application using REST is best programmable: Form based or oAuth?
Hello,
I want to extract data from Rational Requirements Composer 3.0.1 using REST and (default) Java. I have successfully retrieved data from the browser, but I wish to bypass the browser and combine it with data transformation.
I see that some are trying to use Form based authentication and others oAuth (version?).
Having tried and failed with basic authentication (as described here https://jazz.net/open-services/services/authentication.jsp), I would like to try the better (maybe a future proof) option next. Especially since it seems that RTC (3.x) works with Form based, but RRC (3.x) does not. It is not clear what works with what version.
I should note that I probably do not have access to the technical side (consumer secret, etc) or control over the upgrade path.
Could you advise me, what authentication means to try to develop access to RRC from (default: no httpclient) Java?
Thanks in advance,
M
Accepted answer
https://jazz.net/library/article/635
Comments
Hello Edgar,
I had seen the OSLC workshop pdf. I am getting a different header item:
"X-jazz-web-oauth-url" and not "x-com-ibm-team-repository-web-auth-msg"
Also I understand that I cannot get RESTclient to work in FF because it cannot except third party cookies. (It will not authenticate me.) (I also cannot use Apache HttpClient.)
But I will look at the code (page 60) in the pdf again and will let you know.
Thanks!
Probably you're using a different version from the on the OSLC workshop, I am getting the same header as you "X-jazz-web-oauth-url" and it works for me using that one.
Hi Edgar,
On page five (OSLC workshop pdf) it says it is for RTC 4.0 I assumed that meant I could not use it. The zip contains java examples that I am going to try make work.
Unfortunately I am unable to make the LAB 6 (RRC related) examples 3-5 work.
05-Mar-2013 12:55:35 org.apache.http.impl.client.DefaultRequestDirector handleResponseWARNING: Authentication error: Unable to respond to any of these challenges: {oauth=WWW-Authenticate: OAuth realm="Jazz"}Lab 6 examples 1 and 2 worked (in version 3.x)(they do not need authentication).
05-Mar-2013 12:55:37 org.apache.http.impl.client.DefaultRequestDirector handleResponseWARNING: Authentication error: Unable to respond to any of these challenges: {oauth=WWW-Authenticate: OAuth realm="Jazz"}org.apache.http.client.HttpResponseException: Unauthorized
Thanks for pointing out that it worked for you. That gave me enough reason to examine it further. Answer awarded.
At this moment I am not sure stepping through the code will yield additional information to fix this issue due to the error description being "Unable to respond to any of these challenges".
Using example LAB 6 example 5 in method call:
protected String getServiceProvider(String catalogURI, String paName) throws ...while executing
HttpResponse response = HttpUtils.sendGetForSecureDocument( server, query, login, password, httpclient, JTS_Server);statusline returns: 401 Unauthorized
5 other answers
I'm getting an warning when I try to access the RMCatalog.
Maybe it is an embarrassing question but what do you mean by "Trying the workshop samples against jazz.net is not supported." ?
This is my warnings:
01-05-2013 09:25:09 org.apache.http.client.protocol.ResponseProcessCookies processCookies
WARNING: Invalid cookie header: "Set-Cookie: jfs-request-token-eb2b81238c6b4bbb8ee4813f31369d0c="9NC7FvhUcQW8IcjW9VR1fq1FxmmXuDGrZzJ9huym9c"; Version=1; Max-Age=600; Expires=Wed, 01-May-2013 07:35:09 GMT; Path=/rm". Unable to parse expires attribute: Wed
01-05-2013 09:25:09 org.apache.http.impl.client.DefaultRequestDirector handleResponse
WARNING: Authentication error: Unable to respond to any of these challenges: {oauth=WWW-Authenticate: OAuth realm=https://myJTSserver:9443/jts/oauth-authorize}
Comments
Helene,
I am not sure which example in Lab 6 you refer to (as I have not looked at it recently).
So far there is a problem in the Java code of the workshop example which could be related to your problem (it has not been confirmed yet):
getQueryMap(location3.getValue());receives a URL when it can only parse, (see the function) a Query string part (of the URL).
Another issue is the authentication problem. I was able to access RRC using oAuth. I have found that my RRC setup does not accept form based authentication. I assume this means that the workshop examples use form based authentication and are useless to me (for now). This is really too bad as the integration possibilities were going to be great for us!
I did not have more time to follow this up.
https://jazz.net/forum/questions/106354/need-help-with-an-authentication-problem-using-oslc-workshop-query-rm-example-for-rrc-3013
Please let me know what was your problem in which example of Lab 6.
Kind regards
Hi Marc,
I'm trying to follow example 3 in lab 6 (the workshop guide doesn't seem to reflect the updated code example from the zip-file though.)
(Some info: my JTS i version 4.0.2 and my RRC i version 4.0)
I tried to look at the getQueryMap. Now I'm able to get a value for the oauthToken (I'm not having an oauthCallback!). I still get the same warnings though.
Today I found out, that I was able to log in if I used our real server instead of our test server. Investigating this further I found out that the real server is still on version 4.0.0.1 and the test server is on 4.0.2.
Real rm server (rootservices)
<oslc_rm:majorversion>3</oslc_rm:majorversion>
<oslc_rm:version>3.0.1.0</oslc_rm:version>
<oslc_rm:buildversion>4.0.0.1 (I20120910_1852)
<rm:rrcextensions>0.1.3-0.1.5</rm:rrcextensions>
Test rm server (rootservices)
<oslc_rm:majorversion>4</oslc_rm:majorversion>
<oslc_rm:version>4.0.1.1</oslc_rm:version>
<oslc_rm:buildversion>4.0.2 (I20130222_1706)
<rm:rrcextensions>0.1.3-0.1.5</rm:rrcextensions>
Could these different versions cause my login problems and how do I fix it?
Hi Helene,
I am sorry it took such a long time to get back to you, I was out of office.
First. If you have version 4 and I have version 3. This will probably make comparisons difficult (as there are big differences between the versions). To me it seems strange the difference between the major version number and the build version (on Real rm server). What version do you see in the web client about pop-up?
I believe the first warning "Invalid cookie header" is a problem for you. You are having different responses compared to the output I have. See here:
Jazz.net question with output in it
So, if I understand you correctly; you changed the getQueryMap to get a value for the oauthToken. Thanks for letting me know this is reproducible!
And as for that it works for you with production. I cannot explain that.
Kind regards
Comments
Marc van Leeuwen
Mar 05 '13, 7:03 a.m.Both Edgar and Gabriel send me in the right direction. Edgar, faster by a minute additionally supplied the extra information on the oAuth implemented. Awarded answer.