It's all about the answers!

Ask a question

RTC OSLC authenticate with JavaScript


tong yulong (647) | asked Dec 11 '14, 4:43 a.m.
JAZZ DEVELOPER
 I am trying to do some OSLC access to RTC by JS,but was stunk by the 
https://localhost:9443/ccm/authenticated/j_security_check
The JS ajax post can not through the authenticate,and I know java code can do that,but my requirement is do that in JS,so do you have any examples or tips that can through this authenticate?

2 answers



permanent link
tong yulong (647) | answered Jan 21 '15, 8:26 p.m.
JAZZ DEVELOPER
 Thanks for you answer!
I found the right way to use JS to call the anthentication.see below
authorize : function(callback) {
		contentComment.showLoading();
		var xhr = contentComment.createXMLHttpRequest();
		xhr.open('POST', contentComment.OSLC_CONTENT_TYPES.SERVICE_URL
				+ '/authenticated/identity', false);// must visit this url first
		xhr.onload = function(e) {
			if (xhr.readyState == 4 && xhr.status == 200) {
				xhrX = contentComment.createXMLHttpRequest();
				xhrX.open('POST', contentComment.OSLC_CONTENT_TYPES.SERVICE_URL
						+ '/authenticated/j_security_check', false);
				xhrX.setRequestHeader('Content-Type',
						'application/x-www-form-urlencoded;charset=UTF-8');
				xhrX.setRequestHeader("X-Requested-With", "XMLHttpRequest");
				xhrX.setRequestHeader("Cache-Control",
						"no-cache,no-store,must-revalidate");
				xhrX.setRequestHeader("Pragma", "no-cache");
				xhrX.setRequestHeader("Expires", "-1");
				// xhr.setRequestHeader("X-jazz-downstream-auth-client-level","4.0");
				xhrX.onload = function(e) {
					if (xhrX.readyState == 4 && xhrX.status == 200) {
						// log
						// on
						// success
						authrequired = xhrX
								.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
						if (authrequired == "authrequired") {
							
						} else if (authrequired == "authfailed") {
							
						} else {
							if(callback){
								callback.call(this);
							}
						}
					}
				};
				xhrX.send("j_username=" + contentComment.userName
						+ "&j_password=" + contentComment.passWord + "");
			}else if(xhr.readyState == 4){
				
			};
		};
		xhr.onerror = function(){
			
		};
		xhr.ontimeout = function(){
			
		};
		xhr.send();
	}

Comments
syed mahamood commented Jan 26 '16, 2:28 a.m. | edited Jan 26 '16, 1:47 p.m.

@tong yulong : what isĀ  contentComment here in your code, Can you please elaborate, i am also trying to call OSLC from javascript. Also what is the callback parameter that you are passing in the function. thanks



tong yulong commented Jan 26 '16, 2:47 a.m.
JAZZ DEVELOPER

the contentComment is my own object,it was use to store some properties,and some public method,in this case,the "showloading()" is a public page waiting method.
I remember this code works at that time,but can't remember the details


permanent link
Argeu Aprigio Alcantara (2113) | answered Jan 21 '15, 8:52 a.m.
 I had a similar problem, i'm working with python, but I think you can port it to js.
You must use a post from a session so he can verify the authentication on future requests, then each time I call my getDocFromUrl it already authenticated and it can access any url you pass after.
these variable outside of the method are like global variables.
you can use other js frameworks to parse the returning xml to a JSON object
 
import requests
import xml2obj
headers_global = {'Accept': 'text/xml', 'OSLC-Core-Version': '1.0'} 
url_auth = 'https://localhost:9443/ccm/authenticated/j_security_check'
data = {"j_username": "youruser", "j_password": "yourpass"}
headers_oslc_2_0_global = {'Accept': 'text/xml', 'OSLC-Core-Version': '2.0'}
s = requests.session()
s.get('https://localhost:9443/ccm/authenticated/identity', headers=headers)
r = s.post(url_auth, data)
def getDocFromUrl(self, url, headers): 
if headers is None:
h = headers_global 
else: 
h = headers
r = s.get(url, headers=h)
doc = r.content
obj = xml2obj.xml2obj(doc)
_list = list(obj)
return _list

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.