Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Programmatically create a project area on RTC with curl

Hi,
I am using RTC 2.0.0.2 and I want to create a project area with curl commands, but I get an HTTP/1.1 403 Forbidden error.
On the other hand, I succeeded in adding members to an RTC project area with curl.

My user has the "JazzAdmins" role.

Project area creation commands (fail):
@echo off
curl -k -c cookies.txt https://<server>:<port>/jazz/authenticated/identity
curl -k -L -b cookies.txt -c cookies.txt -d j_username=user -d j_password=pass https://<server>:<port>/jazz/authenticated/j_security_check
curl -D - -k -b cookies.txt -H "Content-Type: application/xml" -X POST --data-binary @pa.xml https://<server>:<port>/jazz/process/project-areas

pa.xml:
As specified at "https://jazz.net/wiki/bin/view/Main/DraftTeamProcessRestApi#POST_project_areas_collection"

The commands for adding members to a project area (succeed):

curl -k -c cookies.txt https://<server>:<port>/jazz/authenticated/identity
curl -k -L -b cookies.txt -c cookies.txt -d j_username=user -d j_password=pass https://<server>:<port>/jazz/authenticated/j_security_check
curl -D - -k -b cookies.txt -H "Content-Type: application/xml" -X POST --data-binary @member.xml https://<server>:<port>/jazz/process/project-areas/_Ssh3sCr5EeCeN45TDlZ_OA/members



And the error message I get when creating a project area is:

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Content-Length: 964
Date: Thu, 22 Sep 2011 07:51:35 GMT

<html><head><title>Apache Tomcat/5.5.28 - Error report</title><style><H1></style> </head><body><h1>HTTP Status 403 - </h1><HR><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>Access to the specified resource () has been forbidden.</u></p><HR><h3>Apache Tomcat/5.5.28</h3></body></h>



I also read and tried the topic "https://jazz.net/forums/viewtopic.php?p=59796&sid=bd0f0fe85a4950a4be1aa869e176d6b2", but it didn't help.


I really don't understand the problem.
Please help.

0 votes



5 answers

Permanent link
Hi,
We are using RTC 2.0.0.2 Standard Edition.
The mentioned difference between Standard Edition and Enterprise Edition is High Availability. What are the details of High Availability?
Might that be the reason for the 403 error message while posting to the project area collection?

Please help.

0 votes


Permanent link

Hi kivancahat,

Have you tried to add specific headers in the post request, e.g.

Referer: https://<server>:<port>/jazz/admin
Host: <server>:<port>
Content-Length: <data_size>
Content-Type: application/xml;charset=UTF-8

Kevin
Jazz Foundation Process Team

0 votes


Permanent link
Hi mincer,
Unfortunately, that failed again.

I think this problem is about the Tomcat security constraint. I am not sure, but I guess.

I have got a security constraint like the one below (jazz/web.xml):
<security-constraint>
  <web-resource-collection>
    <web-resource-name>adminsecurepost</web-resource-name>
    <url-pattern>/_theming/*</url-pattern>
    <http-method>POST</http-method>
  </web-resource-collection>
  <auth-constraint>
    <role-name>JazzAdmins</role-name>
  </auth-constraint>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>


Should I add this?

<web-resource-collection>
  <web-resource-name>adminsecurepost</web-resource-name>
  <url-pattern>/process/*</url-pattern>
  <http-method>POST</http-method>
</web-resource-collection>

0 votes


Permanent link

I don't think it is about the security configuration on Tomcat. You've succeeded in adding members. I feel it may be about a problem with the cookie data.

How about you try a request like this?
Set headers:
Referer=https://<host>:9443/jazz/admin
Cookie=JSESSIONID=1oviuaxpzdvsgq215vl23qfpf; JazzFormAuth=Form; net-jazz-ajax-cookie-rememberUserId=
Content-Type=application/xml; charset=utf-8

Set the body like this:

&lt;?xml version="1.0" encoding="UTF-8"?&gt;
&lt;jp06:project-area xmlns:jp06="http://jazz.net/xmlns/prod/jazz/process/0.6/" jp06:name="PA8" jp06:templateId="com.ibm.team.process.example.process"&gt;
&lt;/jp06:project-area&gt;

I tried with a REST client with the above data and got the correct 201 response (please make sure to replace &lt; and &gt; with the correct tag, and use the correct templateId).

Dancy

Jazz Foundation Process Team

0 votes


Permanent link
The key here is to pass in a header that tells Jazz (CLM) that the request is not a CSRF attack. The name of the header is "X-Jazz-CSRF-Prevent" and the value is the JSESSIONID for the current session. You can get the JSESSIONID from the cookies.txt file, if you are willing to do some text manipulation.

Here is the snippet that worked for me:
curl -k -c %COOKIES% -sslv3 "%HOST%/authenticated/identity"
rem log in and save the JSESSIONID to use as X-Jazz-CSRF-Prevent header
curl -k -L -b %COOKIES% -c %COOKIES% -d j_username=%USER% -d j_password=%PASSWORD% -sslv3 "%HOST%/authenticated/j_security_check"
rem the cookie value is the 7th whitespace-separated field of the JSESSIONID line
grep "JSESSION" %COOKIES% > %TEMP_JSESSION%
for /F "tokens=7" %%G in (%TEMP_JSESSION%) do set JSESSIONID=%%G
curl -k -b %COOKIES% -H "Content-Type: application/xml" -H "X-Jazz-CSRF-Prevent: %JSESSIONID%" -X POST -d @project_area_xml_jazz.txt -sslv3 "%PROJECT_AREAS_URL%"

Hope that helps,
Ruby
Martha (Ruby) Andrews
Jazz Foundation L3 Development Team Lead

0 votes
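
The flow from the answer above, as an added POSIX shell example (not code from the thread or from the Jazz project): it reads the JSESSIONID out of curl's cookie jar, including the `#HttpOnly_` line form, and sends it as the X-Jazz-CSRF-Prevent header. JAZZ_USER, JAZZ_PASS, the function names and the file arguments are assumptions; the base URL is the `https://<server>:<port>/jazz` form used in the question, and certificate verification is left on (no -k), which assumes the server certificate is trusted by the client.

```shell
#!/bin/sh
# Added example; function names and environment variables are hypothetical.

# Print the JSESSIONID value stored in a Netscape-format cookie jar (curl -c).
# Fields are tab-separated: domain, subdomain flag, path, secure, expiry,
# name, value. curl writes HttpOnly cookies as "#HttpOnly_<domain>...", so
# that prefix is stripped before real comment lines and blanks are skipped.
# If several JSESSIONID cookies are present, the last one in the jar wins.
jsessionid_from_jar() {
    awk -F '\t' '
        /^#HttpOnly_/      { sub(/^#HttpOnly_/, "") }
        /^#/ || NF < 7     { next }
        $6 == "JSESSIONID" { value = $7 }
        END { if (value == "") exit 1; print value }
    ' "$1"
}

# usage: create_project_area https://<server>:<port>/jazz pa.xml
# Credentials come from JAZZ_USER / JAZZ_PASS in the environment.
create_project_area() {
    host=$1
    body=$2
    jar=$(mktemp) || return 1
    # 1) touch a protected resource to obtain the session cookie,
    # 2) submit the login form, 3) read the session id, 4) POST with the
    # CSRF-prevention header whose value is that session id.
    curl -s -c "$jar" "$host/authenticated/identity" >/dev/null &&
    curl -s -L -b "$jar" -c "$jar" \
         --data-urlencode "j_username=$JAZZ_USER" \
         --data-urlencode "j_password=$JAZZ_PASS" \
         "$host/authenticated/j_security_check" >/dev/null &&
    sid=$(jsessionid_from_jar "$jar") &&
    curl -s -D - -b "$jar" \
         -H "Content-Type: application/xml" \
         -H "X-Jazz-CSRF-Prevent: $sid" \
         -X POST --data-binary @"$body" "$host/process/project-areas"
    rc=$?
    rm -f "$jar"   # the jar holds a live session cookie; do not leave it behind
    return $rc
}
```
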

Question details
Question asked: Sep 22 '11, 4:09 a.m.

Question was seen: 10,580 times

Last updated: May 19 '15, 8:57 p.m.