How can I authenticate with RRC server using C# REST client?
Hello,
I am trying to create a C# REST client that interacts with RRC 4.0.0.1. I have another C# REST client that authenticates successfully with RTC 4.0.0.1 (same JTS) so I recycled that code, except it doesn't work. I am just trying to authenticate and retreive a list of project areas (for now). The GET works no problem with RESTClient for Firefox (after authenticating manually first) so I am trying to replicate it in C#. Here is what it looks like (I am using RestSharp):
When I inspect the response, I always get an unauthorized error. Is authentication with RRC different to RTC?
Please help!
Regards,
Andrew
|
3 answers
Mike Jaworski (1.4k●6)
| answered Jan 30 '14, 11:15 a.m.
JAZZ DEVELOPER edited Jan 30 '14, 11:17 a.m.
Hi Andrew,
Here's an image which shows the flow of the OAuth dance, as used by RRC:
So , I believe that once you send off this request with the oauth_token, that response should include an oauth_token_secret which signifies that you are an authorized consumer. I believe that your browser would include these values (oauth_token and oauth_token_secret) as cookies, but you may be able to append them as URL parameters as well to ensure authentication.
I also see on one of our internal documents that you may be able to get around this by sending a different command:
"Using the JTS Oauth Authorization service implies redirection to the JTS authentication pop-up. The 3rd party consumer app should be able to get around this by disabling redirection on the authorization request, and manually performing the authentication request, like https://{host}:{port}/jts/j_security_check?j_username={username_value}&j_password={password_value}"
Also, I'm not sure if you have seen this before (and not sure how helpful it will be), but you can also access the OSLC workshop which gives (Java) examples of Form-based authentication: OSLCWorkshopDownload. It looks like the example in the workshop uses the "j_security_check" URL above to authenticate.
Sorry I don't have a more definitive answer for you, but you'll probably just need to play around with these options a bit until you get something that works for you.
Mike
Comments
Hi Mike,
Thanks again. I have managed to authenticate (I think) by POSTing to the "X-jazz-web-oauth-url" header URL and I get a ResponseUri that looks like this:
I don't know what to do with it though, and the response contains no cookies. When I try a new GET request for the project area list I still get the Unauthorized error.
I will keep working on it, but any ideas would be great!
Regards,
Andrew
Andrew,
Did you try using the "j_security_Check" option? I would give that a try if you are hitting a dead end with the OAuth route. Also, the article which Stephane posted looks like it would probably be helpful for you.
Mike
Hi Mike,
I have also tried the j_security_check route and I seem to be able to authenticate but the response does not give the me same headers as all the examples that I am following, namely the "X-com-ibm-team-repository-web-auth-msg" header. I am using RRC 4.0.0.1 and the examples are all for 3.x. The ResponseURI from the response is "https://<server>/jts/web" which leads me to believe that I am authenticated, but again I have no cookies or tokens, and when I try the next GET request I am still unauthorized.
I will keep at it, though!
Regards,
Andrew
|
Hi Andrew,
as your programming language is C#, you may want to refer this post: Consuming RTC (Rational Team Concert) OSLC APIs using C#: Post 1- Authentication which you may want to adapt the provided code to your particular needs (and possible RRC specificities). Regards, Stéphane |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.