Problem while getting service provider url from RTC 7.0.2 tool with authorization server

pushpita sengupta

(11●1●1) Mar 15 '22, 12:41 p.m.

Downloaded this OSLC4Net build and was trying to retrieve data from RTC 7.0.2. The code is getting authenticated at client.FormLogin() and returning a OK status code. But when it is trying to fetch service provider URL based on catalog URL for the respective project area by the "client.LookupServiceProviderUrl(catalogUrl, projectArea);" it is giving the following response --

{"OSLCC004: The requested resource could not be found. "}

{StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:

{

Strict-Transport-Security: max-age=31536000

WWW-Authenticate: Basic realm="JSA"

WWW-Authenticate: Bearer realm="JSA"

X-Powered-By: Servlet/3.0

X-JSA-AUTHORIZATION-URL: https://jazz702-jas.in.kovair.com:9643/oidc/endpoint/jazzop

X-JSA-AUTHORIZATION-REDIRECT: https://jazz702-jas.in.kovair.com:9643/oidc/endpoint/jazzop/authorize?client_id=a45241f7523e47938c26a0fb573f3aee&response_type=code&state=security_token1%3DpwXwH5CYJWwSdWMIqE2KVQoJTNvJec6JrJWDg5zURKw%3D%26security_token2%3DC%2BumLl1CViIUQxm2HLp3CxwO0VZuDLR3n8zIi5kE32w%3D%26return%3Dhttps%253A%252F%252Fjazz702-jas.in.kovair.com%253A9443%252Fccm%252Foslc%252Fworkitems%252Fcatalog%26scope%3Dopenid%2Bgeneral%2Bprofile%2Bemail%2B%26impersonation%3Dtrue&scope=openid+general+profile+email+&redirect_uri=https%3A%2F%2Fjazz702-jas.in.kovair.com%3A9443%2Fccm%2Fjsa

Set-Cookie: JSA_CSRF_b179c159-8dc3-4ecf-910b-0fe1c5969e5c=153579c3-8bea-44af-9d68-947497117191; Path=/ccm; Secure

Date: Tue, 15 Mar 2022 16:28:58 GMT

Cache-Control: no-cache="set-cookie, set-cookie2"

Content-Length: 0

Content-Language: en-US

Expires: Thu, 01 Dec 1994 16:00:00 GMT

}}

Do we need to provide any other header or any other mechanism in order to fetch data from RTC 7.0.2(authorization server) via OSLC4Net? Please provide the required fix for the above problem

0 votes

Comments

Ralph Schoon

FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Mar 16 '22, 9:12 a.m.

If you ask on the OSLC Forum, consider to provide information such as

the version of the OSLC client and
the data provided in the call - URI, Project Area Name.
details such as the Java/.Net Version you used

The expiration date is funny:

Expires: Thu, 01 Dec 1994 16:00:00 GMT

Not sure if that is to be expected, but I remember having seen cookie issues in the OSLC calls at some point related to such a phenomenon.

3 answers

3,060 views

0 votes

3 answers

Permanent link

David Honey

FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER (1.8k●1●7) Mar 15 '22, 9:25 p.m.

OSLC4Net is not Jazz code - it's part of the OSLC community. So it's unlikely that Jazz developers in this forum will be able to answer questions about its code usage. The OSLC Forum might be a better place to ask. A 401 response usually means you have not authorised with the server. I do not know how OSLC4Net handles authorization.

0 votes

Permanent link

Ian Barnard

FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER (2.4k●7●14) edited

Mar 17 '22, 5:28 a.m.

The headers in your response indicate your client code is in fact not authenticated. Your (or OSLC4NET's?) authentication code should see the 401 and needs to follow the X-JSA-AUTHORIZATION-REDIRECT - look for that header in this doc to see what's involved https://jazz.net/wiki/bin/view/Main/NativeClientAuthentication

But questions about how this is done using OSLC4NET are unlikely to be answered here.

HTH

Ian

0 votes

Permanent link

Alex K.

(13●3) Apr 03 '24, 8:24 a.m.

That is so nonsense that I have to login to be able to access https://jazz.net/wiki/bin/view/Main/NativeClientAuthentication

FACEPALM

Yeah, guys, hide your documentation from searching engines, let your users suffer

0 votes

Comments

Ralph Schoon

FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Apr 03 '24, 8:40 a.m.

The developer wiki is not meant to be documentation, there is just a bunch of stuff that can serve as documentation. I think the login has legal reasons. You had to agree to the terms and conditions when creating your user Account.

As far as I know, you can still search the data, you just have to login to access it.

https://jazz.net/wiki/bin/view/Deployment/ELMProductAPILanding is the best starting point for APIs at the moment. Not ideal, but OK.

That specific documentation about the client login is really hard to understand. I tried and wrote this because of it: https://rsjazz.wordpress.com/2021/10/15/elm-authentication/ . It might be useful.

Alex K.

Apr 03 '24, 9:08 a.m.

Thanks

Your answer

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers

Answers and Comments

Question details

rational-team-concert

× 42,912

jazz-foundation

× 4,326

jazz.net

× 1,701

workflow-management

× 1,615

rational-insight

× 1,230

Question asked: Mar 15 '22, 12:41 p.m.

Question was seen: 3,060 times

Last updated: Apr 03 '24, 9:08 a.m.

Problem while getting service provider url from RTC 7.0.2 tool with authorization server

pushpita sengupta

Comments

Ralph Schoon

3 answers

3,060 views

0 votes

3 answers

David Honey

Ian Barnard

Alex K.

Comments

Ralph Schoon

Alex K.

Your answer

Follow this question

Question details

Related questions