Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Always Getting an HTML in Response from RTC

Questions
Tags
Users
Badges
Sean Lauren
(734) edited
Apr 09 '20, 3:24 p.m.

 It seems like the RTC server doesn't like my url request. After the /ccm/ part, I can essentially write whatever I want and get the same result. So I'm guessing something about what I've got is wrong. Following the answer from my previous [post][1], I'm pretty sure I have the right link from the "services" file in the <oslc_cm:simpleQuery><dc:title>Change request queries</dc:title> tag. So I'm not sure if there's something else it doesn't like? It no longer fails authentication and I'm now using form-based rather than basic, so I don't think it's authentication-related. Any ideas?


Update: I've also tried swapping all the colons with %3A as the Jazz [documentation][2] didn't seem particularly consistent in their examples if that was necessary or not. Same results though.

        string localhost = "https://my.host.com:9443/ccm/";
        string item = localhost + "oslc/contexts/_MySp3ci4lK3Y/workitems?" +
                                  "oslc.where=dcterms:identifier=%222494443%22&" +
                                  "oslc.properties=dcterms:title,dcterms:identifier&" +
                                  "oslc.prefix=dcterms=%3Chttp://purl.org/dc/terms/%3E";
        Debug.Log("Request");
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(item);
        request.Accept = "application/json";
        request.Headers.Add("OSLC-Core-Version", "2.0");
        WebResponse response = request.GetResponse();
        string AuthHeader = response.Headers["X-com-ibm-team-repository-web-auth-msg"];
        //check if authentication has failed
        if ((AuthHeader != null) && AuthHeader.Equals("authrequired"))
        {
            Debug.Log("Authentication Required");
            HttpWebRequest _formPost = (HttpWebRequest)WebRequest.Create(localhost + "authenticated/j_security_check"); // Same response without the "authenticated/j_security_check"
            _formPost.Method = "POST";
            _formPost.Timeout = 30000;
            _formPost.Headers.Add("OSLC-Core-Version", "2.0");
            _formPost.CookieContainer = request.CookieContainer;
            _formPost.Accept = "text/xml";
            _formPost.ContentType = "application/x-www-form-urlencoded";

            Byte[] _outBuffer = Encoding.UTF8.GetBytes(credentials); //store in byte buffer
            _formPost.ContentLength = _outBuffer.Length;
            Stream _str = _formPost.GetRequestStream();
            _str.Write(_outBuffer, 0, _outBuffer.Length); //update form
            _str.Close();

            //FormBasedAuth Step2:submit the login form and get the response from the server
            HttpWebResponse _formResponse = (HttpWebResponse)_formPost.GetResponse();

            string _rtcAuthHeader = _formResponse.Headers["X-com-ibm-team-repository-web-auth-msg"];
            //check if authentication has failed
            if ((_rtcAuthHeader != null) && _rtcAuthHeader.Equals("authfailed"))
            {
                Debug.Log("Authentication Failed");
                return;
            }
            else
            {
                //login successful
              // Still says AuthRequired here for some reason
                Debug.Log("Auth Header = " + _rtcAuthHeader); 
                _formResponse.GetResponseStream().Flush();
                _formResponse.Close();
                //FormBasedAuth Step3: Resend the request for the protected resource.
                response = (HttpWebResponse)request.GetResponse();
            }
        }
        else if (AuthHeader == null)
        {
            Debug.Log("AuthHeader Null");
        }
        else
        {
            Debug.Log("AuthHeader = " + AuthHeader);
        }

        Debug.Log("Response Stream");
        Stream responseStream = response.GetResponseStream();
        byte[] buffer = new byte[BufferSize];
        int read;
        while ((read = responseStream.Read(buffer, 0, buffer.Length)) > 0)
        {
            // Prints out an HTML Doc rather than a JSON string.
            Debug.Log(Encoding.UTF8.GetString(buffer));
        }

0 votes

2 answers
1,638 views
0 votes

Accepted answer

Permanent link
Sean Lauren
(734) edited
Apr 16 '20, 7:45 a.m.

I can't say enough about Postman to figure this all out. Thanks, @Ralph Schoon for that tip! Apart from that, my issues were many. The HTML was definitely indicating a problem with authentication.

This is what I've come to understand.

The comment "// * Still says AuthRequired here for some reason *" is telling of the fact that authorization is indeed not occurring. The header value for "X-com-ibm-team-repository-web-auth-msg" will indeed be null when it is officially no longer required.

It is failing because:

  1. The _formPost itself needs basic authentication to post the form values
  2. The CookieContainer is null. Creating a new CookieContainer allows for the authentication to proceed.
  3. The "authenticated/j_security_check" is not correct. It should simply be "j_security_check".
  4. When requesting the data a second time after authenticating, a new request must be created and using the CookieContainer from the original.
Ralph Schoon selected this answer as the correct answer

0 votes

Comments
Ralph Schoon
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Apr 16 '20, 8:24 a.m.
The authentication as described in  https://rsjazz.wordpress.com/2019/05/13/using-a-rest-client-to-authenticate-to-elm-clm-applications/ has always worked for me and the cookies have also usually done what is needed. The settings in Postman I describe are essential.

Otherwise, the experience seems to be similar to my first attempts... 8)

One other answer

Permanent link
Ralph Schoon
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER (64.6k33649) Apr 10 '20, 6:58 a.m.
  1. Use GET not POST
  2. Use Postman until you understand what you are doing See https://rsjazz.wordpress.com/2019/05/13/using-a-rest-client-to-authenticate-to-elm-clm-applications/
  3. JSON is not necessarily supported for everything.

0 votes

Comments
Sean Lauren
Apr 10 '20, 11:02 a.m.

Thanks Ralph. Postman seems interesting as a learning tool, but I'm not seeing "Form Auth" as an authentication method. Also, switching from POST to GET gives an error because I'm "posting" my credentials and not trying to "get" from them. Adding the method = GET to the request itself also doesn't change anything--I still get the strange HTML response.

Sean Lauren
Apr 10 '20, 1:47 p.m.

I've managed to get Postman to work with my commands. I'm not yet sure why I can't duplicate it in code. I think it's doing something in the background with cookies that I'm not doing in the code. My POST for authentication is finally not having an auth header at all which is what I expect to pass. But when I request a GET with the request object whose CookieContainer I think I'm using, it again returns authrequired. So it's not carrying over from the formPost to the request. Any idea why?

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 11,079

Question asked: Apr 09 '20, 3:23 p.m.

Question was seen: 1,638 times

Last updated: Apr 16 '20, 8:24 a.m.

Confirmation Cancel Confirm