It's all about the answers!

Ask a question

RTC Rest API authentication issue


Jia Jia Li (8057152192) | asked Apr 09 '12, 10:33 a.m.
Hi, I want to use RTC Rest API to create/modify work item in java program.
The URL I use for auth is:
https://localhost:9443/ccm/j_security_check

My JTS server is 3.0.1 with Tomcat and self certificated.

Can anyone help? Thanks!

But I got the exception:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
at com.ibm.jsse2.fc.getPeerCertificates(fc.java:166)
at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:339)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:123)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:147)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:108)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:641)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:576)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:554)
at com.ibm.rtc.restclient.RTCRestClient.jsonHttp(RTCRestClient.java:342)
at com.ibm.rtc.restclient.RTCRestClient.get(RTCRestClient.java:287)

----------------------------------------------------------------------------------


The sample code is :

private Cookie authenticate() {

if(cookie!=null && !cookie.isExpired(Calendar.getInstance().getTime())){
return cookie;
}

DefaultHttpClient httpClient = new DefaultHttpClient();

HttpPost postMethod = null;

try {
postMethod = new HttpPost(authURL);
postMethod.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));
HttpResponse response = httpClient.execute(postMethod);
HttpEntity responseEntity = response.getEntity();

cookie = httpClient.getCookieStore().getCookies().get(0);

} catch (IOException e) {
e.printStackTrace();
}

httpClient.getConnectionManager().shutdown();
return cookie;
}

One answer



permanent link
Jia Jia Li (8057152192) | answered Apr 09 '12, 10:51 a.m.
Resolved.
Download the workshop and run Example3.
https://jazz.net/wiki/bin/view/Main/OSLCWorkshopDownload

static public void setupLazySSLSupport(HttpClient httpClient) {
ClientConnectionManager connManager = httpClient.getConnectionManager();
SchemeRegistry schemeRegistry = connManager.getSchemeRegistry();
schemeRegistry.unregister("https");
/** Create a trust manager that does not validate certificate chains */
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
/** Ignore Method Call */
}

public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
/** Ignore Method Call */
}

public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
} };

SSLContext sc = null;
try {
sc = SSLContext.getInstance("SSL"); //$NON-NLS-1$
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (NoSuchAlgorithmException e) {
/* Fail Silently */
} catch (KeyManagementException e) {
/* Fail Silently */
}

SSLSocketFactory sf = new SSLSocketFactory(sc);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
Scheme https = new Scheme("https", sf, 443);

schemeRegistry.register(https);

Your answer


Register or to post your answer.