403 Forbidden while creating artifact in DNG
Hi,
I am trying to create artifact using OSLC API with below details .
URL: https://nservename/rm/requirementFactory?projectURL=https%3A%2F%2Fservename%2Frm%2Fprocess%2Fproject-areas%2FUUID
Headers: OSLC-Core-Version : 2.0
URL: https://nservename/rm/requirementFactory?projectURL=https%3A%2F%2Fservename%2Frm%2Fprocess%2Fproject-areas%2FUUID
Headers: OSLC-Core-Version : 2.0
Content-Type: application/rdf+xml
Body:
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:dc="http://purl.org/dc/terms/"
xmlns:public_rm_10="http://www.ibm.com/xmlns/rm/public/1.0/"
xmlns:calm="http://jazz.net/xmlns/prod/jazz/calm/1.0/"
xmlns:rm="http://www.ibm.com/xmlns/rdm/rdf/"
xmlns:acp="http://jazz.net/ns/acp#"
xmlns:rm_property="https://grarrc.ibm.com:9443/rm/types/"
xmlns:oslc="http://open-services.net/ns/core#"
xmlns:nav="http://jazz.net/ns/rm/navigation#"
xmlns:oslc_rm="http://open-services.net/ns/rm#" >
<rdf:Description rdf:about="">
<rdf:type rdf:resource="http://open-services.net/ns/rm#Requirement"/>
<dc:description rdf:parseType="Literal">OSLC Creation Example</dc:description>
<dc:title rdf:parseType="Literal">OSLC Created Requirement</dc:title>
<oslc:instanceShape rdf:resource="https://servername/rm/types/OT_yaasgSo8EeuYz8KHPSBUuA"/>
</rdf:Description>
</rdf:RDF>
Response:
<rdf:RDF
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
<rdf:Description>
<err:detailedMessage rdf:datatype="http://www.w3.org/2001/XMLSchema#string"
>com.ibm.rdm.fronting.server.exception.PermissionsForbiddenException</err:detailedMessage>
<err:errorMessage rdf:datatype="http://www.w3.org/2001/XMLSchema#string"
>Forbidden</err:errorMessage>
<err:errorStatus rdf:datatype="http://www.w3.org/2001/XMLSchema#long"
>403</err:errorStatus>
</rdf:Description>
</rdf:RDF>
Checked by using Basic Authentication with the UserID which is having all access.
Is anything missing. Please help
Thanks
One answer
You need to be authenticated with the JTS. The easiest approach is to use Firefox and RESTClient. Log in using the Firefox browser and the use RESTClient for the request. That way the browser handles the complex authentication and RESTClient shares the cookies.
Sometimes POST requires the X-Jazz-CSRF-Prevent header with the value of the JSESSIONID cookie. I am not sure how to get that cookie in Firefox. I usually use a test system supporting Form based authentication and POSTMAN. It is unfortunate that authentication becomes more complex to increase security.
Comments
Thanks for the reply.
After adding JSESSIONID , it is still showing the same.
The problem is when we hit the POST URL (https://nservename/rm/requirementFactory?projectURL=https%3A%2F%2Fservename%2Frm%2Fprocess%2Fproject-areas%2FUUID) in browser, it is showing below
Error 405: com.ibm.rdm.fronting.server.exception.MethodNotAllowedException
Please assist.
Please assist.
"in browser" do you mean using a browser REST client? If not using a rest client how would you generate a POST and also apply the needed headers?
Using a rest client in a logged-in browser you shouldn't need to apply any cookie, these should be provided automatically by the browser.
If your browser is logged in you should be able to GET an existing artifact, does this work? If the GET works then you're logged in and the problem comes to the data you're providing with the POST, i.e. the headers, the configuration, the body content.
Comments
Ian Barnard
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Jul 19 '23, 7:33 a.m.Are you using POST?