It's all about the answers!

Ask a question

RAM OSLC REST: How to do form based authentication?

Kangkan Goswami (1571421) | asked Jun 19 '12, 10:32 a.m.
edited Jun 21 '12, 3:52 a.m.
I am trying to do a form-based authentication through the REST service on RAM. But not finding the way ahead.

My first target is a GET to http://server:port/oslc/servicesCatalog

This query allows anonymous access, but does not retrun all of the services/communities. Even with a basic authentication, I manage to get "Repository wide Asset Management Services" only.

Please help.

Accepted answer

permanent link
Rich Kulp (3.6k38) | answered Jun 20 '12, 10:27 a.m.
You need to go against the REST using the web URI, which is typically ram , this path uses form based. But by default it doesn't require a login until you access something that requires authentication.

But may I suggest that you really don't want to use form-based REST! REST is usually simpler when you use basic authentication. Most HTTP clients handle that easily. Form-based is a pain to handle in REST because you have to code the back and forth handshaking until you get authenticated. With basic you don't need to do that.

For basic you would use the path

If you really truly absolutely positively without a shadow of any doubt :-) prefer to use the complicated form based REST over the tremendously simpler basic, then you will need to first force a login. After that you can then do normal REST calls. To force a form based login go to:


Kangkan Goswami selected this answer as the correct answer

Kangkan Goswami commented Jun 21 '12, 3:46 a.m. | edited Jun 21 '12, 3:49 a.m.

@RichardKulp: I tried with Basic authentication. My target uri is http://server:port/oslc/servicesCatalog. I am getting the default community [Repository wide Asset Management Services] only. However, if I use the REST Client after logging in from the browser, I get the additiona communities to which I can actually subscribe. Am I missing something?

Rich Kulp commented Jun 21 '12, 9:52 a.m.

Did you use I don't see that in your link shown here. Basic auth is on the path, not the normal ram path.

Also, unless you use / you are by default anonymous. When you try to ask for things you get what anonymous is allowed to see. In your case anonymous is allowed to see the default community.

Using would FORCE you to login before it processes the request for the services catalog. And then you will see everything you are allowed to see as the logged in person.

Rich Kulp commented Jun 21 '12, 9:56 a.m.

By the way I'm confused. The original question is about form-based, but here you are talking basic auth, but you have another question about basic auth. Please don't intermix the notes, it confuses my poor little brain. ;-)

Kangkan Goswami commented Jun 22 '12, 3:24 a.m.

@RichardKulp: My final intent is to be able to use HttpWebRequest and HttpWebResponse in my .NET and get the data from RAM after authentication. Initially I looked at oAuth as I have already done oAuth for RRC and RQM. I moved to f0rm-based authentication as well as basic authentication. I need the authentication to happen, by whatever means it might be.

Your answer

Register or to post your answer.