It's all about the answers!

Ask a question

REST: Authenticating


derek cheng (46121) | asked Mar 18 '09, 1:32 p.m.
I'm having trouble using the REST web service because I don't know how to get programmatic authentication working.

Right now, I'm trying to post data to the authentication service but I'm doing something wrong.

String.Format("https://jazzserver:9443/jazz/secure/web/console/j_security_check?j_username={0}&j_password={1}", username, password);

That's what I've been trying, but the response is always an authentication failed error.

How do you authenticate against Jazz?

15 answers



permanent link
Patrick Streule (4.9k21) | answered Mar 24 '09, 2:54 p.m.
JAZZ DEVELOPER
I'm having trouble using the REST web service because I don't know how
to get programmatic authentication working.

Right now, I'm trying to post data to the authentication service but
I'm doing something wrong.

String.Format("https://jazzserver:9443/jazz/secure/web/console/j_security_check?j_username={0}&j_password={1}",
username, password);

That's what I've been trying, but the response is always an
authentication failed error.

How do you authenticate against Jazz?

POSTing j_username and j_password directly to /j_security_check works on
Jetty, but not on e.g. Tomcat. Tomcat doesn't allow "drive-by" logins and
redirects you to a login page along with a temporary session ID cookie.
This cookie needs to be included in the POST to /j_security_check if I
remember correctly.

--
Regards,
Patrick
Jazz Work Item Team

permanent link
derek cheng (46121) | answered Mar 24 '09, 4:51 p.m.
I'm having trouble using the REST web service because I don't know how
to get programmatic authentication working.

Right now, I'm trying to post data to the authentication service but
I'm doing something wrong.

String.Format("https://jazzserver:9443/jazz/secure/web/console/j_security_check?j_username={0}&j_password={1}",
username, password);

That's what I've been trying, but the response is always an
authentication failed error.

How do you authenticate against Jazz?

POSTing j_username and j_password directly to /j_security_check works on
Jetty, but not on e.g. Tomcat. Tomcat doesn't allow "drive-by" logins and
redirects you to a login page along with a temporary session ID cookie.
This cookie needs to be included in the POST to /j_security_check if I
remember correctly.

--
Regards,
Patrick
Jazz Work Item Team


Thanks Patrick.

We're actually using Websphere 6.1 on Windows x64 with the latest fixpacks. We're trying to do this through automation (it's going to be part of our custom test management solution) from VB6.

Can you give me an example post with the ADMIN account?

permanent link
derek cheng (46121) | answered Mar 25 '09, 12:33 p.m.
I'm having trouble using the REST web service because I don't know how
to get programmatic authentication working.

Right now, I'm trying to post data to the authentication service but
I'm doing something wrong.

String.Format("https://jazzserver:9443/jazz/secure/web/console/j_security_check?j_username={0}&j_password={1}",
username, password);

That's what I've been trying, but the response is always an
authentication failed error.

How do you authenticate against Jazz?

POSTing j_username and j_password directly to /j_security_check works on
Jetty, but not on e.g. Tomcat. Tomcat doesn't allow "drive-by" logins and
redirects you to a login page along with a temporary session ID cookie.
This cookie needs to be included in the POST to /j_security_check if I
remember correctly.

--
Regards,
Patrick
Jazz Work Item Team


Thanks Patrick.

We're actually using Websphere 6.1 on Windows x64 with the latest fixpacks. We're trying to do this through automation (it's going to be part of our custom test management solution) from VB6.

Can you give me an example post with the ADMIN account?

This is working C# code to get a workitem from the rest service as a string. It's ugly, but if anyone else wants to do the same thing it'll get you started.
const string SERVICE_BASE = "https://jazzhost:9443/jazz/service/com.ibm.team.workitem.service.internal.roa.IRestService/workitems/{0}";

const string JAZZ_BASE = "https://jazzhost:9443/jazz/";
const string JAZZ_AUTH = "https://jazzhost:9443/jazz/j_security_check?j_username={0}&j_password={1}";
const string JAZZ_HOST = "jazzhost";

private static string GetWorkItem(string username, string password, int workitem_id)
{
HttpWebRequest request = WebRequest.Create(new Uri(JAZZ_BASE)) as HttpWebRequest;
HttpWebResponse intialResponse = request.GetResponse() as HttpWebResponse;

CookieContainer container = new CookieContainer();

foreach (string cookietext in intialResponse.Headers["Set-Cookie"].Split(';'))
{
string trimmedCookie = cookietext.Trim();
if (trimmedCookie.StartsWith("Path"))
continue;
Cookie c = new Cookie(trimmedCookie.Split('=')[0], trimmedCookie.Split('=')[1]);
c.Domain = JAZZ_HOST;
container.Add(c);
}

request = WebRequest.Create(new Uri(String.Format(JAZZ_AUTH, username, password))) as HttpWebRequest;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.Referer = JAZZ_BASE;

request.CookieContainer = container;

HttpWebResponse response = request.GetResponse() as HttpWebResponse;

response.Close();

request = WebRequest.Create(new Uri(String.Format(SERVICE_BASE, workitem_id))) as HttpWebRequest;

request.Referer = response.ResponseUri.ToString();

request.CookieContainer = container;

response = request.GetResponse() as HttpWebResponse;

StreamReader reader = new StreamReader(response.GetResponseStream());
string response_content = reader.ReadToEnd();
reader.Close();
response.Close();

return response_content;
}

permanent link
Patrick Streule (4.9k21) | answered Mar 25 '09, 3:10 p.m.
JAZZ DEVELOPER
This is working C# code to get a workitem from the rest service as a
string. It's ugly, but if anyone else wants to do the same thing
it'll get you started.
const string SERVICE_BASE =
"https://jazzhost:9443/jazz/service/com.ibm.team.workitem.service.internal.roa.IRestService/workitems/{0}";
const string JAZZ_BASE =
"https://jazzhost:9443/jazz/";
const string JAZZ_AUTH =
"https://jazzhost:9443/jazz/j_security_check?j_username={0}&j_password={1}";
const string JAZZ_HOST = "jazzhost";

Please keep in mind that (as
https://jazz.net/wiki/bin/view/Main/ResourceOrientedWorkItems states) this
API is temporary and will change considerably for the 2.0 release.

--
Regards,
Patrick
Jazz Work Item Team

permanent link
Feng Liu (511125) | answered Apr 28 '09, 11:55 p.m.
Hi Derek,

Can you enable the REST authenticating by programmatic way now? I'm also having this problem in my project...

I read your sample code and seems you connect to the jazz server firstly for getting the cookie value, and then store this cookie value for the following HTTP request. Can we pass the REST authenticating just following this way? I tried to follow this way and implement using Java code but it doesn't work for me...

I use Tomcat as the app container. It can be passed in the Embedded Jetty but can not work in Tomcat.

Any responses or help would be very appreciated.

permanent link
Ying Chen (261) | answered Jun 22 '09, 10:27 a.m.
JAZZ DEVELOPER
This is working C# code to get a workitem from the rest service as a
string. It's ugly, but if anyone else wants to do the same thing
it'll get you started.
const string SERVICE_BASE =
"https://jazzhost:9443/jazz/service/com.ibm.team.workitem.service.internal.roa.IRestService/workitems/{0}";
const string JAZZ_BASE =
"https://jazzhost:9443/jazz/";
const string JAZZ_AUTH =
"https://jazzhost:9443/jazz/j_security_check?j_username={0}&j_password={1}";
const string JAZZ_HOST = "jazzhost";

Please keep in mind that (as
https://jazz.net/wiki/bin/view/Main/ResourceOrientedWorkItems states) this
API is temporary and will change considerably for the 2.0 release.

--
Regards,
Patrick
Jazz Work Item Team

Are there documentation on how this is changing for the 2.0 release?
Can authentication work consistently across different types of servers ?

Ying

permanent link
Nick Edgar (6.5k711) | answered Jun 23 '09, 9:58 a.m.
JAZZ DEVELOPER
See https://jazz.net/wiki/bin/view/Main/ResourceOrientedWorkItemAPIv2
Appendix A has some examples showing how to authenticate using curl.

permanent link
derek cheng (46121) | answered Jun 26 '09, 10:54 a.m.
I followed this guide I found for a completely unrelated problem and finally managed to make authenticating easy:

http://www.ibm.com/developerworks/rational/library/08/1014_ramamoorthy/?S_TACT=105AGX15&S_CMP=LP

(Changes Login mode from FORM to BASIC). This seems to resolve the problems some users have where they are forced to login twice as well.

Then for each web request in c#:


req.PreAuthenticate = true;
req.Proxy.Credentials =
req.Credentials = new System.Net.NetworkCredential("username@work.com", "password123");

permanent link
ronen r (2152) | answered Nov 25 '09, 7:24 a.m.
For using Form Authentication add a user/password check to Derek code:
After this code

request = WebRequest.Create(new Uri(String.Format(JAZZ_AUTH, username, password))) as HttpWebRequest;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.Referer = JAZZ_BASE;

request.CookieContainer = container;

HttpWebResponse response = request.GetResponse() as HttpWebResponse;


Add the check:

if (response.Headers["X-com-ibm-team-repository-web-auth-msg"] != null
&& response.Headers["X-com-ibm-team-repository-web-auth-msg"] == "authfailed")
{
throw new System.Security.Authentication.AuthenticationException("Authentication Error");
}

permanent link
Robert Elves (11) | answered Dec 12 '09, 9:53 p.m.
Was there anything else you needed to do other than commenting out the form based config and uncommenting:

 <login>

<auth>BASIC</auth>
<realm>Jazz</realm>
</login>


... in the /jazz/server/tomcat/webapps/jazz/WEB-INF/web.xml file? (note that full element names are just not appearing correctly in this forum but they are complete in the web.xml file)

Thanks,

-Rob

I followed this guide I found for a completely unrelated problem and finally managed to make authenticating easy:

http://www.ibm.com/developerworks/rational/library/08/1014_ramamoorthy/?S_TACT=105AGX15&S_CMP=LP

(Changes Login mode from FORM to BASIC). This seems to resolve the problems some users have where they are forced to login twice as well.

Then for each web request in c#:


req.PreAuthenticate = true;
req.Proxy.Credentials =
req.Credentials = new System.Net.NetworkCredential("username@work.com", "password123");

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.