How to authenticate using Python for RTC REST API
Hi I have been trying to use RTC REST reporting interfaces using Python v2.7.1 URLLib2 to access this REST Reporting URL using the following code. RTC v3.0.1.1 on Windows with Tomcat v5.5
def rest_call( uid, pw, url):I was able to get this to work on Jazz.net/hub but when I try doing this on my own local RTC Tomcat Based server it doesn't work. I keep getting html back instead of the XML that I get when I try the same url in the browser. Any ideas? Since I am not getting an authentication error I don't think that is the problem. URL being used is http://localhost:9080/ccm/rpt/repository/workitem? Thanks for the help. Carlos Ferreira Other unanswered questions on Authenticated use of RTC REST interfaces : https://jazz.net/forums/viewtopic.php?t=18749 https://jazz.net/forums/viewtopic.php?t=16162 Here is what comes back using above code: <Licensed> |
10 answers
I don't use CURL, but maybe my salesforce.com code can help..
see https://jazz.net/forums/viewtopic.php?t=12745 Sam |
Carlos,
You need to explicitly set the content-type and accept headers on your request to "application/x-oslc-cm-change-request+xml" or "application/x-oslc-cm-change-request+json". -Sean |
Here is what I had to do to ultimately get it to work.
1. Set the authentication mechanism to basic authentication on the Tomcat server per the previously mentioned Jazz.net technote. 2. Set user name and password in the Headers and base64 encode it. 3. Set a header to fake that the request was coming from a browser. 4. Store the cookies so for subsequent requests credentials / cookie id was passed in. Here is the method implemented that this worked using Python. def rest_call_basic_security(feed, encoded_url): COOKIEFILE = 'cookies.lwp' |
Thanks, that helped me go down the path of trying to figure out what the right headers to set and uid/pw encryption.
|
Hi Sean, I am using the straight RTC repository reporting REST API. I wasn't using the OSLC CM REST api so I didn't have to do this step to get it to work.
|
If you've configured the server for basic HTTP authentication, then the code that uses basic auth in your first example should work fine, and you should not need to worry about cookies.
If it's using form-based auth (the default), then you have to follow the form-based auth protocol, and do need to track cookies. More info on the latter approach can be found in this article: http://www.ibm.com/developerworks/rational/library/10/programmatic-authentication-and-certificate-handling-for-rational-team-concert-2-0/index.html?ca=drs- (found via searching for 'authentication' at https://jazz.net/library) |
|
I had some code that I wrote to connect to RTC from saleforce.com using the OLC discovery, and forms logon, to rtc 2.0.0.2 and it worked fine..
but not I can't make it work anymore, to 3.0.1.1 I get a 200 from the post to the j_security_check, but don't get the redirect back to the url that forced the logon.. (get the catalog) any ideas? Sam |
here are the steps I go thru
read the root services document 10:47:30.123 (123386000)|CALLOUT_REQUEST||System.HttpRequest 10:47:30.546 (546649000)|CALLOUT_RESPONSE||System.HttpResponse parse the rootservices doc and get the workitem catalog 10:47:30.551 (551161000)|CALLOUT_REQUEST||System.HttpRequest 10:47:30.712 (712911000)|CALLOUT_RESPONSE||System.HttpResponse 302 is 'moved', and the 'location' header contains the new url. so, lets go there 10:47:30.715 (715888000)|CALLOUT_REQUEST||System.HttpRequest 10:47:30.847 (847604000)|CALLOUT_RESPONSE||System.HttpResponse according to the referenced doc, I now need to 'post' back to j_security_check, the username and password of the user.. The next step is to construct a form to pass to the WebSphere Application Server j_security_check. To do this, use the Name Value Pair classes of the Apache HttpClient: but note guide is old, using the 'jazz' context. so, (a value/pair set).. Salesforce http doesn't provide this class. j_username=uuuuuuu,j_password=pppppppp and the post back 10:47:30.850 (850732000)|CALLOUT_REQUEST||System.HttpRequestMethod=POST] 10:47:31.097 (1097240000)|CALLOUT_RESPONSE||System.HttpResponseStatusCode=200] and we get these header keys back X-com-ibm-team-repository-web-auth-msg, Date, Content-Length, Via, X-Cache-Lookup, Content-Type, X-Cache, Server, Proxy-Connection and the X-com-ibm-team-repository-web-auth-msg header value is 'authfailed' but I don't see any indication of why.. and I also don't know how to cause the post successful authentication to redirect back to the original site request |
maybe someone can help me out here..
there is one thing I didn't mention.. salesforce will not talk to a https site without an official ssl certificate. so I am hacking the code during dev & test by replacing the https and ssl port with the non-secure version (and have configed the server to not require ssl).. but I can't change the home url.. which is set to server:9643 SO, if I send an auth request to the NON-secure port, will is always fail? |