What authentication method to access RRC through a (default) JAVA application using REST is best programmable: Form based or oAuth?
Hello, I want to extract data from Rational Requirements Composer 3.0.1 using REST and (default) Java. I have successfully retrieved data from the browser, but I wish to bypass the browser and combine it with data transformation. I see that some are trying to use Form based authentication and others oAuth (version?). Having tried and failed with basic authentication (as described here https://jazz.net/open-services/services/authentication.jsp), I would like to try the better (maybe a future proof) option next. Especially since it seems that RTC (3.x) works with Form based, but RRC (3.x) does not. It is not clear what works with what version. I should note that I probably do not have access to the technical side (consumer secret, etc) or control over the upgrade path. Could you advise me, what authentication means to try to develop access to RRC from (default: no httpclient) Java? Thanks in advance, M |
Accepted answer
Edgar Ignacio Velazquez Mar (722●5)
| answered Mar 04 '13, 10:02 a.m.
JAZZ DEVELOPER edited Mar 04 '13, 10:04 a.m.
Hi Marc,
RRC uses OAuth1 version to authenticate; on version 4.0.1 OAuth1a was implemented (for future reference)
You may find this OSLC workshop useful, it contains some sample codes to get information out of RRC via OSLC REST and it has a method to login you could use as a base for your development
https://jazz.net/library/article/635 Marc van Leeuwen selected this answer as the correct answer
Comments Hello Edgar,
Probably you're using a different version from the on the OSLC workshop, I am getting the same header as you "X-jazz-web-oauth-url" and it works for me using that one.
Probably looking at the code from the workshop you would be able to strip out Apache libraries and replace it with stock Java calls
Hi Edgar,
Unfortunately I am unable to make the LAB 6 (RRC related) examples 3-5 work.
05-Mar-2013 12:55:35 org.apache.http.impl.client.DefaultRequestDirector handleResponseWARNING: Authentication error: Unable to respond to any of these challenges: {oauth=WWW-Authenticate: OAuth realm="Jazz"}Lab 6 examples 1 and 2 worked (in version 3.x)(they do not need authentication). Thanks for pointing out that it worked for you. That gave me enough reason to examine it further. Answer awarded. At this moment I am not sure stepping through the code will yield additional information to fix this issue due to the error description being "Unable to respond to any of these challenges". Using example LAB 6 example 5 in method call:
protected String getServiceProvider(String catalogURI, String paName) throws ...while executing HttpResponse response = HttpUtils.sendGetForSecureDocument( server, query, login, password, httpclient, JTS_Server);statusline returns: 401 Unauthorized |
5 other answers
Hi Gabriel and Marc
I have the same Unauthorized problem as you in example 6, but unfortunately I do not understand your solution. Could you describe it in more detail for me? thanks |
Hi, At which steps are you getting an error? Trying the workshop samples against jazz.net is not supported.
|
|
Hi Gabriel
I'm getting an warning when I try to access the RMCatalog. Maybe it is an embarrassing question but what do you mean by "Trying the workshop samples against jazz.net is not supported." ? This is my warnings: 01-05-2013 09:25:09 org.apache.http.client.protocol.ResponseProcessCookies processCookies WARNING: Invalid cookie header: "Set-Cookie: jfs-request-token-eb2b81238c6b4bbb8ee4813f31369d0c="9NC7FvhUcQW8IcjW9VR1fq1FxmmXuDGrZzJ9huym9c"; Version=1; Max-Age=600; Expires=Wed, 01-May-2013 07:35:09 GMT; Path=/rm". Unable to parse expires attribute: Wed 01-05-2013 09:25:09 org.apache.http.impl.client.DefaultRequestDirector handleResponse WARNING: Authentication error: Unable to respond to any of these challenges: {oauth=WWW-Authenticate: OAuth realm=https://myJTSserver:9443/jts/oauth-authorize} Comments Helene,
getQueryMap(location3.getValue());receives a URL when it can only parse, (see the function) a Query string part (of the URL). Another issue is the authentication problem. I was able to access RRC using oAuth. I have found that my RRC setup does not accept form based authentication. I assume this means that the workshop examples use form based authentication and are useless to me (for now). This is really too bad as the integration possibilities were going to be great for us! I did not have more time to follow this up. https://jazz.net/forum/questions/106354/need-help-with-an-authentication-problem-using-oslc-workshop-query-rm-example-for-rrc-3013 Please let me know what was your problem in which example of Lab 6. Kind regards Hi Marc,
Today I found out, that I was able to log in if I used our real server instead of our test server. Investigating this further I found out that the real server is still on version 4.0.0.1 and the test server is on 4.0.2.
Test rm server (rootservices)
Hi Helene,
showing 5 of 6
show 1 more comments
|
|
Hi,
If you are not using jazz.net then forget about the suggestion, Can not determine what is wrong based on the provided information. If other code samples work try to see how are they different regarding authenticating with the server. |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.
Comments
Both Edgar and Gabriel send me in the right direction. Edgar, faster by a minute additionally supplied the extra information on the oAuth implemented. Awarded answer.