Creating WorkItems using OSLC services
Hi Team,
With the article https://jazz.net/wiki/bin/view/Main/WorkItemAPIsForOSLCCM20 I was trying to create sample work items but failed. I would be thankful for any help.
https://myserver.pl:9443/ccm/oslc/contexts/_HeU8o6FZEeKEFa0gk6Ppqw/workitems/defect
Header (method POST):
Accept: application/rdf+xml
OSLC-Core-Version: 2.0
Body :
<rdf:RDF
xmlns:dcterms="http://purl.org/dc/terms/"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:rtc_cm="http://jazz.net/xmlns/prod/jazz/rtc/cm/1.0/" >
<rdf:Description rdf:nodeID="A0">
<dcterms:title rdf:parseType="Literal">Sample Work Item</dcterms:title>
</rdf:Description>
</rdf:RDF>
I get 403 Forbidden as status and as body
<html><head><title>Apache Tomcat/7.0.32 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 403 - The user has the roles required to perform this operation, but the permission has been denied because this request might have been forged by a malicous website. To prove that this request is not part of a CSRF attack add a new HTTP header with the name 'X-Jazz-CSRF-Prevent' and use the current JSESSIONID value as the value.</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>The user has the roles required to perform this operation, but the permission has been denied because this request might have been forged by a malicous website. To prove that this request is not part of a CSRF attack add a new HTTP header with the name 'X-Jazz-CSRF-Prevent' and use the current JSESSIONID value as the value.</u></p><p><b>description</b> <u>Access to the specified resource has been forbidden.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.32</h3></body></html>
2 answers
Hi Bartek,
I remember we had really difficult PMR similatr to that. The root cause was that proxy server or WAS itself was changing JSESSIONID cookie.
Do you have any proxy between server and client?
Could you check if your script is working on the testing environment e.g. located on your laptop?
I remember we had really difficult PMR similatr to that. The root cause was that proxy server or WAS itself was changing JSESSIONID cookie.
Do you have any proxy between server and client?
Could you check if your script is working on the testing environment e.g. located on your laptop?
Comments
Uday Bhosale
Jun 16 '15, 7:16 a.m.Hi Bartosz Chrabski, had you got any solution for this issue? Please let me know as I am too facing similar kind of error while creating work item in RTC.