It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Follow this question
Question details

×7,389
×4,289
×3,952
×1,682

question asked: Jun 05 '13, 5:18 a.m.
question was seen: 6,845 times
last updated: Jun 20 '13, 2:23 a.m.

Related questions

FAQ - How this Forum works

Response Status 401 while trying to retrieve project areas from RM Catalog!!!

0
Ramya Laxmi (1324) | asked Jun 05 '13, 5:18 a.m.
edited Jun 05 '13, 5:21 a.m.
Hi

I am trying to retrieve project areas from the RM catalog through OSLC URL https://localhost:9443/rm/discovery/RMCatalog through the following java code

private String fetchProjectXML(String login, String password,
            String catalogURI) {

        String server = "https://localhost:9443/rm";
        String mediatype = "application/rdf+xml";
        String node = null;
        try {
            // Setup the HttClient
            HttpClient httpclient = new DefaultHttpClient();
            HttpUtils.setupLazySSLSupport(httpclient);
            HttpGet documentGet = new HttpGet(catalogURI);
            System.out.println("document get :: "+documentGet.toString());
           
            documentGet.addHeader("Accept", mediatype);
            documentGet.addHeader("OSLC-Core-Version", "2.0");
            HttpResponse response = HttpUtils.sendGetForSecureDocument(server,
                    documentGet, login, password, httpclient);
           
            System.out.println("Response"+response.toString());

            System.out.println("Response Status Code"+response.getStatusLine().getStatusCode());
           
            if (response.getStatusLine().getStatusCode() == 200) {
                HttpEntity entity = response.getEntity();
                String responseString = EntityUtils.toString(entity, "UTF-8");
                 System.out.println("response=="+responseString);
           
                node = responseString;

                HttpUtils.printResponseHeaders(response);

            }
 
        } catch (ClientProtocolException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        } catch (InvalidCredentialsException e) {
            e.printStackTrace();
        } finally {
            // Shutdown the HTTP connection
            // httpclient.getConnectionManager().shutdown();
        }
        return node;
    }

public static HttpResponse sendGetForSecureDocument(String serverURI, HttpGet request, String login, String password, HttpClient httpClient)
            throws IOException, InvalidCredentialsException {
        DEBUG=true;
        // Step (1): Request the protected resource
        if (DEBUG) System.out.println(">> GET(1) "+request.getURI());
        HttpResponse documentResponse = httpClient.execute(request);
        System.out.println("Reponse status"+documentResponse.getStatusLine().getStatusCode());
        if (DEBUG) {
            System.out.println(">> Response Headers:");
            HttpUtils.printResponseHeaders(documentResponse);
        }
       
        if (documentResponse.getStatusLine().getStatusCode() == 200) {
            Header header = documentResponse.getFirstHeader(AUTHREQUIRED);
            if ((header!=null) && ("authrequired".equals(header.getValue()))) {
                documentResponse.getEntity().consumeContent();
                // The server requires an authentication: Create the login form
                HttpPost formPost = new HttpPost(serverURI+"/j_security_check");
                List<NameValuePair> nvps = new ArrayList<NameValuePair>();
                nvps.add(new BasicNameValuePair("j_username", login));
                nvps.add(new BasicNameValuePair("j_password", password));
                formPost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));

                //Step (2): The client submits the login form
                if (DEBUG) System.out.println(">> POST "+formPost.getURI());               
                HttpResponse formResponse = httpClient.execute(formPost);
                if (DEBUG) HttpUtils.printResponseHeaders(formResponse);
               
            header = formResponse.getFirstHeader(AUTHREQUIRED);
                if ((header!=null) && ("authfailed".equals(header.getValue()))) {
                    // The login failed
                    throw new InvalidCredentialsException("Authentication failed");
                } else {
                    formResponse.getEntity().consumeContent();
                    // The login succeed
                    // Step (3): Request again the protected resource
                    if (DEBUG) System.out.println(">> GET(2) "+request.getURI());
                    HttpGet documentGet2;
                    try {
                        documentGet2 = (HttpGet)(request.clone());
                        return httpClient.execute(documentGet2);
                    } catch (CloneNotSupportedException e) {
                        // TODO Auto-generated catch block
                        e.printStackTrace();
                    }
                }
        }
    }
        return  documentResponse;
    }

I am getting a 401 response status for the above code. I understand that this error occurs if the user is unauthorized, but care is taken that the user has JazzAdmin Repository permission as well as necessary license.

document get :: org.apache.http.client.methods.HttpGet@9f671b
>> GET(1) https://localhost:9443/rm/discovery/RMCatalog
Reponse status401
>> Response Headers:
    - Server: Apache-Coyote/1.1
    - set-cookie: jfs-oauth-access-token0=; expires=Thu, 01-Jan-70 00:00:00 GMT; path=/rm
    - set-cookie: jfs-oauth-access_token-secret0=; expires=Thu, 01-Jan-70 00:00:00 GMT; path=/rm
    - set-cookie: jfs-request-token-cd09914f0509468b9d577cea0664502c="C+t6iqxZNdy0Gn0dHLun92cnBSNosZaLXA6vOl9kJF0="; Version=1; expires=Wed, 05-Jun-13 08:51:49 GMT; path=/rm
    - X-jazz-web-oauth-url: https://localhost:9443/jts/oauth-authorize?oauth_token=cd09914f0509468b9d577cea0664502c
    - WWW-Authenticate: OAuth realm=https://localhost:9443/jts/oauth-authorize
    - Content-Type: text/html
    - Content-Length: 324
    - Date: Wed, 05 Jun 2013 08:46:49 GMT
Responseorg.apache.http.message.BasicHttpResponse@10382a9
Response Status Code401
Fe
Jun 5, 2013 2:16:49 PM org.apache.http.client.protocol.ResponseProcessCookies processCookies
WARNING: Invalid cookie header: "set-cookie: jfs-request-token-cd09914f0509468b9d577cea0664502c="C+t6iqxZNdy0Gn0dHLun92cnBSNosZaLXA6vOl9kJF0="; Version=1; expires=Wed, 05-Jun-13 08:51:49 GMT; path=/rm". Unable to parse expires attribute: Wed
Jun 5, 2013 2:16:49 PM org.apache.http.impl.client.DefaultRequestDirector handleResponse
WARNING: Authentication error: Unable to respond to any of these challenges: {oauth=WWW-Authenticate: OAuth realm=https://localhost:9443/jts/oauth-authorize}


It would be very helpful if some one could address this issue.

Thanks in advance.
Comments
Stef van Dijk commented Jun 05 '13, 11:17 a.m.
FORUM MODERATOR / JAZZ DEVELOPER

Hello Ramya,

What version of RRC are you using?
I actually took the core of the code you provided for fetchProjectXML and used it in conjunction with the code available from the OSLC Workshop, and had no trouble receiving a 200 response and the catalog content using RRC 4.0.2. Note that this meant not using the code you included for sendGetForSecureDocument() since that is provided by the HttpUtils class provided in the workshop sample (though it requires an additional jtsURI parameter). I had to "patch" a couple of other things to make your snippet method compile, but I don't think I've changed anything fundamental.

I tested this with a user with JazzAdmins permission and the following licenses (though I'm not sure how much these matter - it's just what I happened to have):
RRC Analyst, RQM Quality Professional, RTC Developer and CLM Practitioner

Stef van Dijk commented Jun 05 '13, 11:21 a.m.
FORUM MODERATOR / JAZZ DEVELOPER

Seems there's a character limit on comments, so I had to break up my response...

Note that while I did get a successful response, I too received these messages just as you did, so I don't think they reflect any particular problem:

Jun 5, 2013 11:15:04 AM org.apache.http.client.protocol.ResponseProcessCookies processCookies
WARNING: Invalid cookie header: "set-cookie: jfs-request-token-e6b494cf533b474786781edb8b05b3d2="KeTJF4Jh4M1hwmSWIqiuOmAaS5PSlU0uuI8AVHlS4"; Version=1; Max-Age=600; Expires=Wed, 05-Jun-2013 15:25:04 GMT; Path=/rm". Unable to parse expires attribute: Wed
Jun 5, 2013 11:15:04 AM org.apache.http.impl.client.DefaultRequestDirector handleResponse
WARNING: Authentication error: Unable to respond to any of these challenges: {oauth=WWW-Authenticate: OAuth realm=https://clmwb.ibm.com:9443/jts/oauth-authorize}

Could you possibly provide more details about the configuration of your server?
It is a distributed CLM configuration? Is it using any sort of proxy? Tomcat or WAS for the app server? Is it using Form or Basic authentication?

Accepted answer

0
permanent link
Jon Agnew (8123) | answered Jun 19 '13, 2:53 p.m.
FORUM ADMINISTRATOR / FORUM MODERATOR
Hi Rayma,

Your code handles the case where the server returns a status code of 200 and the "X-com-ibm-team-repository-web-auth-msg" header.  But when the server returns a status code of 401 along with the "X-jazz-web-oauth-url" header you'll need to use different authentication steps.

For sample code, download the OSLC Workshop and see the example net.jazz.oslc.consumer.rm.client/src/net/jazz/oslc/consumer/examples/Example03.java.  The actual authentication is handled by the doRRCOAuth method in the file net.jazz.oslc.consumer.rm.client/src/net/jazz/oslc/utils/HttpUtils.java

Regards,
Jon

Ramya Laxmi selected this answer as the correct answer
Comments
Ramya Laxmi commented Jun 20 '13, 2:23 a.m.

Hi Jon

Thank you so much for the answer. It has helped me a lot.

One other answer

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Jason Warner (1063) | answered Jun 05 '13, 9:57 a.m.
JAZZ DEVELOPER
Hi Ramya,

This issue has come up before in this forum question https://jazz.net/forum/questions/110556/unable-to-parse-expires-attribute-mon .  From that forum post, https://issues.apache.org/jira/browse/HTTPCLIENT-896 links to a discussion of this issue and a possible workaround involving "CookieSpecPNames.DATE_PATTERNS".  I hope this helps.

Regards,

Jason

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.