It's all about the answers!

Ask a question

Need help using java for authenticating RTC Rest API


Manish Kumar (612) | asked May 07 '14, 7:05 a.m.
edited May 07 '14, 7:58 a.m. by sam detweiler (12.5k6195201)
 Hello Everyone!

I would like to fetch Create\update\load workitems using Rest API.
I was able to do them using rest clients but when i start trying to implement this programatically, i could not find the way to authenticate the user and get the required information. 

In production i cannot accept all the certificates and hosts. How should i accept the certificate and authenticate in production environment? 
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}

public void checkclientTrusted(X509Certificate[] certs, String authType) {
// Leave blank to trust every client
}

public void checkServerTrusted(X509Certificate[] certs, String authType) {
// Leave blank to trust every server
}

public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
// TODO Auto-generated method stub
}
} };
HostnameVerifier hostnameVerifier = new HostnameVerifier() {

public boolean verify(String hostname, SSLSession session) {
// TODO Auto-generated method stub
return true;
}
};
SSLContext mySSLContext = SSLContext.getInstance("SSL");
mySSLContext.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(mySSLContext.getSocketFactory());
// Authenticate credentials
HttpContext localContext = new BasicHttpContext();
DefaultHttpClient httpclient = new DefaultHttpClient();
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(new AuthScope(
 "mymach.a.com", AuthScope.ANY_PORT), new UsernamePasswordCredentials("user", "password")); httpclient.setCredentialsProvider(credsProvider);
SSLSocketFactory sf = (SSLSocketFactory)httpclient.getConnectionManager()
   .getSchemeRegistry().getScheme("https").getSocketFactory();
sf.setHostnameVerifier(new AllowAllHostnameVerifier());
HttpGet httpget = new HttpGet(
"https://mymach.a.com/ccm/resource/itemName/com.ibm.team.workitem.WorkItem/81");
httpget.addHeader("Accept", "application/json");
httpget.addHeader("OSLC-Core-Version", "2.0");
HttpResponse response = httpclient.execute(httpget);
Header[] ooo = response.getAllHeaders();
for (Header header : ooo) {
System.out.println(header.getName() + " - " + header.getValue());
}

HttpEntity entity = response.getEntity();
if (entity != null) {
entity.consumeContent();
}

// Create a response handler
ResponseHandler<String> responseHandler = new BasicResponseHandler();
String responseBody = httpclient.execute(httpget, responseHandler);

System.out.println(responseBody);
}}

This returns the following 

Server - Apache-Coyote/1.1
Cache-Control - private
Expires - Thu, 01 Jan 1970 05:30:00 IST
Set-Cookie - JazzFormAuth=Form; Path=/ccm
X-com-ibm-team-repository-web-auth-msg - authrequired
Content-Type - text/html;charset=UTF-8
Content-Length - 1985
Date - Wed, 07 May 2014 10:57:22 GMT
<!DOCTYPE html>

<!--

  Licensed Materials - Property of IBM
  (c) Copyright IBM Corporation 2005-2013. All Rights Reserved.
  
  Note to U.S. Government Users Restricted Rights:
  Use, duplication or disclosure restricted by GSA ADP Schedule
  Contract with IBM Corp.
  
-->
<code>
<-- html
something in the following html messes up the forum application..(sam)

<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=10">
<title></title>

<link type="text/css" rel="stylesheet" href="/ccm/web/_style/?include=A~&etag=KgPx1J2tNdQ_en_US&_proxyURL=%2Fccm&ss=ESpbO">
<link rel="shortcut icon" href="/ccm/web/net.jazz.ajax/jazz.ico">

<style type="text/css">
#net-jazz-ajax-NoScriptMessage {
width: 100%;
color: #D0D0D0;
font-size: 2em;
text-align: center;
position: absolute;
top: 1%;
z-index: 999;
}
</style>

</head>

<body class="claro">
<noscript><div id="net-jazz-ajax-NoScriptMessage">Javascript is either disabled or not available in your Browser</div></noscript>
<div id="net-jazz-ajax-InitialLoadMessage">Loading...</div>
<div id="net-jazz-ajax-WorkbenchRoot"></div>
<script type="text/javascript">
djConfig = {
isDebug: false,
usePlainJson: true,
baseUrl: "/ccm/web/dojo/",
locale: "en-us",
localizationComplete: true
};
/*null*/
net = {jazz: {ajax: {}}};
net.jazz.ajax._contextRoot = "/ccm";
net.jazz.ajax._appPath = "/ccm/authenticated/identity";
net.jazz.ajax._webuiPrefix = "/web/";
</script>
<script type="text/javascript" src="/ccm/web/_js/?include=A~&etag=KgPx1J2tNdQ_en_US&_proxyURL=%2Fccm&ss=ESpbO&locale=en-us"></script>

<script type="text/javascript">
require("dojo/main").getObject('jazz.core.loader', true)._serverStartup="ESpbO";
require("dojo/main").getObject('jazz.core.loader',true)._loaded=["A"];
</script>

<script type="text/javascript">
/* <![CDATA[ */
dojo.addOnLoad( function() {
net.jazz.ajax.ui.PlatformUI.createAndRunWorkbench("net.jazz.web.app.authrequired");
});
/* ]]> */
</script>
</body>
</html>
</code>

Be the first one to answer this question!


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.