Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Can't access the URL using my credentials now.

Questions
Tags
Users
Badges
sri K
(157) Aug 17 '23, 2:02 a.m.

 Hi Team,


I am using DOORs 6 and I have written a python script which creates a session using username and password.
Using the session, I am executing the request,
1. rootservices 
2. Then, executes this url - https://<server>/rm/oslc_config/components. When I execute this URL with username and password, it returns 401, When I execute it with JSESSIONID it returns 403(Permission Denied).

If I calls this url(https://<server>/rm/oslc_config/components) in browser, it is able to download the contents of the URL.  It means I have permission, right? But If I execute it in script/postman, I am getting this error.

FYI, Earlier, it was working fine, now I got this error.

Any reasons why it occured? How to resolve it?
Please share your thoughts.


0 votes

2 answers
1,301 views
0 votes

2 answers

Permanent link
Ian Barnard
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER (2.4k714) edited
Aug 17 '23, 4:48 a.m.

Sounds like you're trying to insert authentication cookies? You do not need to do that: in your python script which I guess uses the Python Requests package you should create and always then use the same requests session during authentication and then forever after; it will propagate cookies it receives into subsequent http actions and you literally have to do nothing other than keep using the same session.


Of course you always have to watch out for the authentication expiry but you can do that by examining every response for an indication that you're not authenticated and then do the authentication and repeat the original request. Having this automatic authentication implementation in place means you do not need to do an initial explicit authentication because this will be automatically handled by your code when you first try to access a protected resource.

I'd guess that your authentication isn't working, i.e. not implemented correctly or you're not using a valid user+password, or perhaps that user doesn't have permission to access whatever you're trying to access. More on authentication here https://jazz.net/wiki/bin/view/Main/NativeClientAuthentication

0 votes

Comments
sri K
Aug 17 '23, 4:56 a.m.

Thanks for the response.

In my python code, I am creating the session and using it across my entire application. I don't think it is expired, because for every run it is creating a session. 

The code was working fine earlier (so it is implemented correctly and I'm using valid credentials). But I can access the same content from browser (which means I have permission from browser). Do we need any access for accessing it through external tools?

Yesterday I tried the same in POSTMAN, it throws me 401 (when I used Basic auth) and it throws 403 (when I used cookies).


sri K
Aug 17 '23, 5:12 a.m.

Please note that I used the same code. 

@Ian Barnard, Any other possibilities for this scenario?

Ian Barnard
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Aug 17 '23, 5:21 a.m.

no - your authentication code isn't working so you'll have to debug it.

sri K
Aug 17 '23, 5:45 a.m.

 Okay, Let's leave the code.

@Ian Barnard, Let's use POSTMAN application, there I execute the url -  https://<server>/rm/oslc_config/components with basic auth. There I get 401 error.

What does it mean?

Ian Barnard
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Aug 17 '23, 5:47 a.m.
It means you're not authenticated. Refer https://jazz.net/wiki/bin/view/Main/NativeClientAuthentication

AFAIK Basic auth isn't enabled in the default Liberty setup, so unless your deployment has consciously enabled it I wouldn't expect basic auth to work.

1 vote

sri K
Aug 17 '23, 5:51 a.m.

In this case, which auth method should I use? Please share your suggestion.


One point is, it was working fine earlier with the same server. Not sure if admin has modified any settings.
@Ian Barnard, should I contact the admin to enable it?
 
 

Ian Barnard
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Aug 17 '23, 5:50 a.m.

IDK - refer to https://jazz.net/wiki/bin/view/Main/NativeClientAuthentication - probably FORM but your deployment may use JAS which is a rather different ballgame. Good luck!

sri K
Aug 17 '23, 5:56 a.m.

@Ian Barnard, is there a way to check which type of authentication does my server support?

Ian Barnard
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Aug 17 '23, 5:59 a.m.

refer to https://jazz.net/wiki/bin/view/Main/NativeClientAuthentication

showing 5 of 9 show 4 more comments
Permanent link
Ralph Schoon
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER (64.0k33648) edited
Aug 17 '23, 6:09 a.m.

 For ELM/DOORS Next also see 



For examples.

For DOORS Next, you need to authenticate to JTS. Not sure about DOORS.

0 votes

Comments
sri K
Aug 17 '23, 6:14 a.m.

Sorry, I was talking about DOORs Next gen. not DOORs

sri K
Aug 17 '23, 6:14 a.m.

 Thanks for the info.

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 10,952
× 1,701

Question asked: Aug 17 '23, 2:02 a.m.

Question was seen: 1,301 times

Last updated: Aug 17 '23, 6:14 a.m.

Related questions
Confirmation Cancel Confirm