It's all about the answers!

Ask a question

Need help using java for authenticating RTC Rest API

Manish Kumar (612) | asked May 07 '14, 7:05 a.m.
edited May 07 '14, 7:58 a.m. by sam detweiler (12.4k6175200)
 Hello Everyone!

I would like to fetch Create\update\load workitems using Rest API.
I was able to do them using rest clients but when i start trying to implement this programatically, i could not find the way to authenticate the user and get the required information. 

In production i cannot accept all the certificates and hosts. How should i accept the certificate and authenticate in production environment? 
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;

public void checkclientTrusted(X509Certificate[] certs, String authType) {
// Leave blank to trust every client

public void checkServerTrusted(X509Certificate[] certs, String authType) {
// Leave blank to trust every server

public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
// TODO Auto-generated method stub
} };
HostnameVerifier hostnameVerifier = new HostnameVerifier() {

public boolean verify(String hostname, SSLSession session) {
// TODO Auto-generated method stub
return true;
SSLContext mySSLContext = SSLContext.getInstance("SSL");
mySSLContext.init(null, trustAllCerts, new;
// Authenticate credentials
HttpContext localContext = new BasicHttpContext();
DefaultHttpClient httpclient = new DefaultHttpClient();
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(new AuthScope(
 "", AuthScope.ANY_PORT), new UsernamePasswordCredentials("user", "password")); httpclient.setCredentialsProvider(credsProvider);
SSLSocketFactory sf = (SSLSocketFactory)httpclient.getConnectionManager()
sf.setHostnameVerifier(new AllowAllHostnameVerifier());
HttpGet httpget = new HttpGet(
httpget.addHeader("Accept", "application/json");
httpget.addHeader("OSLC-Core-Version", "2.0");
HttpResponse response = httpclient.execute(httpget);
Header[] ooo = response.getAllHeaders();
for (Header header : ooo) {
System.out.println(header.getName() + " - " + header.getValue());

HttpEntity entity = response.getEntity();
if (entity != null) {

// Create a response handler
ResponseHandler<String> responseHandler = new BasicResponseHandler();
String responseBody = httpclient.execute(httpget, responseHandler);


This returns the following 

Server - Apache-Coyote/1.1
Cache-Control - private
Expires - Thu, 01 Jan 1970 05:30:00 IST
Set-Cookie - JazzFormAuth=Form; Path=/ccm
X-com-ibm-team-repository-web-auth-msg - authrequired
Content-Type - text/html;charset=UTF-8
Content-Length - 1985
Date - Wed, 07 May 2014 10:57:22 GMT
<!DOCTYPE html>


  Licensed Materials - Property of IBM
  (c) Copyright IBM Corporation 2005-2013. All Rights Reserved.
  Note to U.S. Government Users Restricted Rights:
  Use, duplication or disclosure restricted by GSA ADP Schedule
  Contract with IBM Corp.
<-- html
something in the following html messes up the forum application..(sam)

<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=10">

<link type="text/css" rel="stylesheet" href="/ccm/web/_style/?include=A~&etag=KgPx1J2tNdQ_en_US&_proxyURL=%2Fccm&ss=ESpbO">
<link rel="shortcut icon" href="/ccm/web/net.jazz.ajax/jazz.ico">

<style type="text/css">
#net-jazz-ajax-NoScriptMessage {
width: 100%;
color: #D0D0D0;
font-size: 2em;
text-align: center;
position: absolute;
top: 1%;
z-index: 999;


<body class="claro">
<noscript><div id="net-jazz-ajax-NoScriptMessage">Javascript is either disabled or not available in your Browser</div></noscript>
<div id="net-jazz-ajax-InitialLoadMessage">Loading...</div>
<div id="net-jazz-ajax-WorkbenchRoot"></div>
<script type="text/javascript">
djConfig = {
isDebug: false,
usePlainJson: true,
baseUrl: "/ccm/web/dojo/",
locale: "en-us",
localizationComplete: true
net = {jazz: {ajax: {}}};
net.jazz.ajax._contextRoot = "/ccm";
net.jazz.ajax._appPath = "/ccm/authenticated/identity";
net.jazz.ajax._webuiPrefix = "/web/";
<script type="text/javascript" src="/ccm/web/_js/?include=A~&etag=KgPx1J2tNdQ_en_US&_proxyURL=%2Fccm&ss=ESpbO&locale=en-us"></script>

<script type="text/javascript">
require("dojo/main").getObject('jazz.core.loader', true)._serverStartup="ESpbO";

<script type="text/javascript">
/* <![CDATA[ */
dojo.addOnLoad( function() {
/* ]]> */

Be the first one to answer this question!

Register or to post your answer.