It's all about the answers!

Ask a question

Can not login CCM server with OSLC API

Dmitry A. Lesin (24825996) | asked May 12 '14, 3:39 p.m.
edited May 12 '14, 3:43 p.m.
I have a very strange situation when trying to pass authetification when requesting service provider catalog from CCM server (v4.0.5). When I do a request to get cookies with such parameters:

  Method: POST
  URL: https://localhost:9443/ccm/authenticated/j_security_check?j_username=jts&j_password=jts
  Headers: [Cookie=JSESSIONID=3F3A52CD8DCA4F7B2672D75E193B158D, Accept-Charset=UTF-8, Content-Type=application/xml]

I get a response with code 200:

Received response 200: {
    "userId": "jts",
    "roles": [

Another word I can connect to CCM server from the external application. But when I try to pass Jazz form based authentification as it's described in OSLC workshop:

  Method: POST
  URL: https://localhost:9443/ccm/oslc/workitems/catalog/j_security_check?j_username=jts&j_password=jts
  Headers: [Cookie=JSESSIONID=36CE341D4286A38C01A2CAC8537E67D3, Accept-Charset=UTF-8, Content-Type=application/xml]

I get response code 400 and a strange error: {"errorClass":"java.lang.IllegalArgumentException","errorCode":400,"errorTraceMarshall":[{"errorTraceFileName":"","errorTraceClassName":"","errorTraceMethodName":"splitPair","errorTraceLineNumber":54},{"errorTraceFileName":"","errorTraceClassName":"","errorTraceMethodName":"splitPair","errorTraceLineNumber":25},{"errorTraceFileName":"","errorTraceClassName":"","errorTraceMethodName":"compareTo","errorTraceLineNumber":334},
(","org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(","$","java.util.concurrent.ThreadPoolExecutor$Worker.runTask(","java.util.concurrent.ThreadPoolExecutor$",""],"errorMessage":"token is expected to be in 'name\/value' format"}

I noted a message "token is expected to be in 'name\/value' format". I try to solve the problem a lot of time but can not pass the authentification for "oslc/workitems/catalog" document.
An interesting moment, when I do the same with Firefox Poster plugin - the request works perfect.

I will appreciate any help regarding this issue! Please, help if somebody khows the reason of the issue!
Thank you very much in advance!

2 answers

permanent link
Donald Nong (14.5k414) | answered May 12 '14, 9:05 p.m.
edited May 12 '14, 9:08 p.m.
Hi Dmitry,

I'm a bit confused with what you were trying to do with the second request. The "oslc/workitems/catalog" resource is normally retrieved with a GET request, not a POST. You were not trying to create a new project area, were you? When you said it worked perfectly with Poster, what's the response?

Generally speaking, after you use the first request to log on to CCM, you should get the session Id and token back. And you use such information in subsequent requests (be it GET or POST),  without logging in again. Besides, I have only seen j_security_check being used in the form of serverURI+"/j_security_check", not the way in your second request.

FYI, if I send a POST request to "oslc/workitems/catalog" using RESTClient in Firefox, I get an HTTP 403 error. A GET request gives me the correct result.

Dmitry A. Lesin commented May 13 '14, 3:58 a.m.

Hi Donald,

My top level purpose is to go all steps as it's prescribed in HTTPUtils.sendGetForSecureDocument method in the examples of IBM OSLC workshop. Accordingly, the steps are:
1. Send GET to a secured document
3. Send POST to the same document with the url suffix "/j_security_check"
4. Send GET to the same document for getting its content

I performed successfully all these steps with Firefox Poster plug-in:
1. Sent GET for catalog document

The response is:

2. Went to Firefox cookies to define JSESSIONID:

Dmitry A. Lesin commented May 13 '14, 3:59 a.m.
  1. Sent PUT request with the cookie found to catalog document with credentials:

    The response is:

    Apparently, Poster redirected the succesfull request to catalog document and returned its content.

    But when I do the same programmatically, I get the error mentioned above!

Dmitry A. Lesin commented May 13 '14, 4:52 a.m.

By the way, I repeated all these steps with Firefox RESTClient plugin and get it successfully as well!

Dmitry A. Lesin commented May 13 '14, 7:00 a.m.

I'm not sure so far but may be a way to solution is here:

I found that strings are displayed in ccm.log:

2014-05-13 14:45:58,849 [http-bio-9443-exec-18 @@ 14:45 jts /ccm/oslc/workitems/catalog]  WARN                               - Unhandled Exception
java.lang.IllegalArgumentException: token is expected to be in 'name/value' format

permanent link
Dmitry A. Lesin (24825996) | answered May 13 '14, 8:27 a.m.
The problem was solved after the next headers were used in the request:

Accept : application/xml
OSLC-Core-Version : 2.0

Apparently next header was rejected by server:


Currently I use next steps to authetificate for getting catalog document:

1. Get JSESSIONID with GET request:

  Method: GET
  URL: https://localhost:9443/ccm/authenticated/identity
  Headers: []

2. Login to RTC with POST request and JSESSIONID, which was found in step 1:

  Method: POST
  URL: https://localhost:9443/ccm/authenticated/j_security_check?j_password=jts&j_username=jts
  Headers: [Cookie=JSESSIONID=842BC788C0895C45503AF782B3554480]

3. Read catalog document with GET request:

Sending HTTP request to server:
  Method: GET
  URL: https://localhost:9443/ccm/oslc/workitems/catalog
  Headers: [OSLC-Core-Version=2.0, Accept=application/xml]

It must be taken into account that I need to use library instead of org.apache.http (which used in OSLC workshop) to send HTTP requests.

Your answer

Register or to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.