Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

How to fetch the user roles in a project area in RRC programmatically?

Questions
Tags
Users
Badges
Achla Sharma
(31316) Apr 08 '15, 8:51 a.m.

We are working on RRC extension where I am trying to fetch the roles assigned to a user in the RRC Project area. Following is the code :

HttpGet query = new HttpGet("https://aab.acd.com/rm/process/project-areas/_Yt5AsiOrEeSYxYvpIWViQA/members/userName");
    query.addHeader("Referer", "https://aab.acd.com/rm" + "/admin");
   query.addHeader("DoorsRP-Request-Type", "private");

   query.addHeader("Accept", "application/xml");
   

  
  
  DefaultHttpClient hc = new DefaultHttpClient();


    HttpResponse response = hc.execute(query);

I am getting a 401 Unauthorized Response. I am able to access the response xml from a normal browser. Am I missing out on anything?

0 votes

Comments
Bas Bekker
JAZZ DEVELOPER Apr 08 '15, 11:14 a.m.

What does the response content say, any details in the error message?
And do you have a user session with the RM server, i.e. are you authenticated?

And note that what you are trying to do is not part of the public REST API that RM and the Jazz platform provides.

Achla Sharma
Apr 09 '15, 2:52 a.m.

The error message simply states Unauthorized with an error code 401. I tried authenticating using the login credentials. But the issue persists.

query.addHeader(BasicScheme.authenticate(new UsernamePasswordCredentials(login, password), "UTF-8",false));

Is there some other way to fetch the user roles in a project area?

1 answer
4,313 views
0 votes

One answer

Permanent link
Donald Nong
(14.5k614) Apr 09 '15, 6:22 a.m.
The URL should be the right one. I have tried it in different browsers and cURL but not been able to get an HTTP 401 error. With a logged in session, the response is HTTP 200 with the user information including <jp06:role-assignments>. Without a logged in session, the response is HTTP 302 and the response contains the log in page. If the logged-in user has no repository permission, the response is HTTP 403.

Note that normally we POST the user name and password to the "j_security_check" URL to log in (where CLM is by default configured to use FORM authentication). The way you put user name/password in HTTP headers is for BASIC authentication.
https://jazz.net/wiki/bin/view/Main/JazzFormBasedAuth
https://jazz.net/library/article/1206

1 vote

Comments
Bas Bekker
JAZZ DEVELOPER Apr 09 '15, 8:59 p.m.

Thanks Donald, and right, you should use the form based POST to get through the OAuth dance to get authenticated.

Achla, on the 401 response you should see 'a x-com-ibm-team-repository-webauth-msg : authrequired' header indicating that you are not authenticated.
For a code sample how to do that, you can look at the the OSLC Workshop pdf document, section 6.3; Jazz form-based authentication.
Also see wiki document Jazz Foundation Core Security - User Authentication

1 vote

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 10,938
× 7,495

Question asked: Apr 08 '15, 8:51 a.m.

Question was seen: 4,313 times

Last updated: Apr 09 '15, 8:59 p.m.

Confirmation Cancel Confirm