Using 6.0 REST API with CURL
I'm having some trouble authenticating to a cmm instance using curl.
The server is at 6.0 and I've tried options like the one in this technote https://jazz.net/library/article/194/
The code :
set COOKIES=.\cookies.txt
set USER=
set PASSWORD=
set HOST=https://localhost:9443
curl -k -c %cookies% "%host%/jts/authenticated/identity" >nul
curl -k -L -b %COOKIES% -c %COOKIES% -d j_username=%USER% -d j_password=%PASSWORD% "%host%/jts/authenticated/j_security_check" >nul
curl -k -L -b %COOKIES% "%host%/ccm/oslc/workitems/catalog
set USER=
set PASSWORD=
set HOST=https://localhost:9443
curl -k -c %cookies% "%host%/jts/authenticated/identity" >nul
curl -k -L -b %COOKIES% -c %COOKIES% -d j_username=%USER% -d j_password=%PASSWORD% "%host%/jts/authenticated/j_security_check" >nul
curl -k -L -b %COOKIES% "%host%/ccm/oslc/workitems/catalog
Cookies retrieved:
#HttpOnly_ FALSE / TRUE 0 WASReqURL https://:9443/ccm/secure/authenticated/identity?redirectPath=%252Fccm%252Foslc%252Fworkitems%252F74082.json
FALSE / FALSE 0 x-com-ibm-team-scenario 8af8814f-212e-48c5-b500-ebd78b9997fa%3Bname%3DInitial+Page+Load%3Bextras%3D%2Fccm%2Fauth%2Fauthrequired%2C1467383370524
Did anyone try this scenario and has a solution ?FALSE /ccm TRUE 0 JazzFormAuth Form
I saw several forum entries saying that using curl & the technote instructions still work for version 5 but it doesn't in 6.0. Also, I didn't find anything relevant in the knowledge center so any ideas are appreciated.
3 answers
works for me on 6.0.1
using same set=
must have a valid userid and password
curl -k -c %cookies% "%host%/jts/authenticated/identity" >nul
curl -k -L -b %COOKIES% -c %COOKIES% -d j_username=%USER% -d j_password=%PASSWORD% %host%/jts/authenticated/j_security_check >nul
curl -k -L -b %COOKIES% -H "Accept: application/xml" %host%/ccm/oslc/workitems/catalog
using same set=
must have a valid userid and password
curl -k -c %cookies% "%host%/jts/authenticated/identity" >nul
curl -k -L -b %COOKIES% -c %COOKIES% -d j_username=%USER% -d j_password=%PASSWORD% %host%/jts/authenticated/j_security_check >nul
curl -k -L -b %COOKIES% -H "Accept: application/xml" %host%/ccm/oslc/workitems/catalog
Thanks for the answers. Unfortunately not much progress.
This is indeed a distributed env and I changed the urls to /ccm
I also modified the 2nd line to:
curl -v -k -L -b %COOKIES% -c %COOKIES% -d j_username=%USER% -d j_password=%PASSWORD% -H "Content-Type: application/x-www-form-urlencoded; charset=utf-8" "%host%/ccm/authenticated/j_security_check"
bu it also didn't help.
The response I get is the standand text/html one (pasted a part of it):
It seems I'm following all the steps documented also here: https://jazz.net/wiki/bin/view/Main/WritingAJazzClient> POST /ccm/authenticated/j_security_check HTTP/1.1> Host: localhost:9443> User-Agent: curl/7.46.0> Accept: */*> Cookie: WASReqURL=https://:9443/ccm/authenticated/identity> Content-Type: application/x-www-form-urlencoded; charset=utf-8> Content-Length: 68>* upload completely sent off: 68 out of 68 bytes< HTTP/1.1 302 Found< Date: Mon, 04 Jul 2016 12:05:39 GMT< X-Powered-By: Servlet/3.0< Location: https://localhost:9443/ccm/auth/authfailed< Content-Length: 0< Content-Language: en-US<* Connection #0 to host localhost left intact* Issue another request to this URL: 'https://localhost:9443/ccm/auth/authfailed'* Switch from POST to GET* Found bundle for host localhost: 0x4a4800* Re-using existing connection! (#0) with host localhost* Connected to localhost port 9443 (#0)> GET /ccm/auth/authfailed HTTP/1.1> Host: localhost:9443> User-Agent: curl/7.46.0> Accept: */*> Cookie: WASReqURL=https://:9443/ccm/authenticated/identity> Content-Type: application/x-www-form-urlencoded; charset=utf-8>< HTTP/1.1 200 OK< Date: Mon, 04 Jul 2016 12:05:39 GMT< X-Powered-By: Servlet/3.0< X-com-ibm-team-repository-web-auth-msg: authfailed< X-Frame-Options: SAMEORIGIN* Added cookie x-com-ibm-team-scenario="2f4da2ec-f320-4f14-9c89-5099c7aabef7%3Bname%3DInitial+Page+Load%3Bextras%3D%2Fccm%2Fauth%2Fauthfailed%2C1467633939850" for domain localhost, path /, expire 0< Set-Cookie: x-com-ibm-team-scenario=2f4da2ec-f320-4f14-9c89-5099c7aabef7%3Bname%3DInitial+Page+Load%3Bextras%3D%2Fccm%2Fauth%2Fauthfailed%2C1467633939850; Path=/< Expires: Thu, 01 Dec 1994 16:00:00 GMT< Cache-Control: no-cache="set-cookie, set-cookie2"< Transfer-Encoding: chunked< Content-Type: text/html; charset=UTF-8< Content-Language: en-US
but for some reason the authentication part fails for me.
Comments
Are there any special characters in your username or password? The HTTP request header Content-Length has a value of 68, which is way too large. This translates to a pair of username and password with 45 characters in length. Are they really this long? Also the response header Location for the POST is /ccm/auth/authfailed, which also indicates that you send the wrong username/password to the server.
Yes , the user name and password are that long.
I do have special characters in them like .+@ but these shouldn't require escaping . I also used quotes as a test on pwd & username but I have the same result
I guess you use an email address as the user Id, and that should be OK. But the plus sign(+) poses a big problem. As long as I change the password to include a plug sign, I cannot find a reliable way to log on any more. I believe this is the issue discussed here:
http://stackoverflow.com/questions/7410515/post-value-geting-plus-signs-removed
If you have to include special characters in your password, try to avoid the plus sign (. and @ work for me).