It's all about the answers!

Ask a question

Create new Change Request in RTC 6.0.1 M1 using RestAPI


Dinyo Dinev (3128) | asked Oct 28 '15, 11:08 a.m.
edited Oct 28 '15, 12:16 p.m.
Hi I am using RTC 6.0.1M1 and I want to create change request work item in RTC.
So I made POST request to the creation factory URL, whcih I took from the Service Provider for my project. So the URL for creation is:
https://10.0.2.79:9443/ccm/oslc/contexts/_tsVvMWWwEeWQIIEAtKgWEg/workitems/

so the post is:
POST:
https://10.0.2.79:9443/ccm/oslc/contexts/_tsVvMWWwEeWQIIEAtKgWEg/workitems/
Headers:
Content-Type: application/x-oslc-cm-change-request+xml

and the request body is:
<xmlns:oslc_rm="http://open-services.net/ns/rm#" >
<oslc_cm:ChangeRequest
  xmlns:dc="http://purl.org/dc/terms/"
  xmlns:rtc_cm="https://jazz.net/xmlns/prod/jazz/rtc/cm/1.0/"
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  xmlns:oslc_cm="http://open-services.net/xmlns/cm/1.0/">
  <dc:title>A new Bug</dc:title>
  <dc:description>This is new bug</dc:description>
  <dc:type rdf:resource="https://rtc:9443/jazz/oslc/types/_gasc4Ju-Ed6cerS9lb5AWw/defect"/>
  <rtc_cm:filedAgainst rdf:resource="https://rtc:9443/jazz/resource/itemOid/com.ibm.team.workitem.Category/_hckJkpu-Ed6cerS9lb5AWw"/>
</oslc_cm:ChangeRequest>

but instead of the URI of the new workItem I receive:
 
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
      <title>Jazz - Permission Denied</title>
      <link type="text/css" rel="stylesheet" href="/ccm/web/jazz.app/internal/templates/StaticLoginWidget.css"/>
   </head>
   <body>
      <h2>Permission Denied</h2>
      <div>Your account does not have the group memberships required to access the requested resource.</div>
   </body>
</html>

Where could be my error?

Edit:
Now from the log I see and error that put little brightness to the problem.

com.ibm.team.repository.common.CSRFException: The user has the roles required to perform this operation,
but the permission has been denied because this request might have been forged by a malicious website.
To prove that this request is not part of a CSRF attack add a new HTTP header with the name 'X-Jazz-CSRF-Prevent'
and use the current JSESSIONID value as the value.


The strange here is that in the RDNG 6.0.1M1 this header was not needed.
And if this header needed when try to create workItem with JAva code?


One answer



permanent link
Luis Silva (257) | answered Aug 10 '16, 10:43 a.m.
 Hi,

I'm currently facing the same problem. Did you find a solution to this problem?

Thank you,
Luis

Your answer


Register or to post your answer.