cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Evan Miller <Evan.Mil...@citrix.com>
Subject ldapConfig API: Getting 401 unable to verify user credentials and/or request signature
Date Thu, 19 Jul 2012 02:36:28 GMT
Running CloudStack Management Server:
  v3.0.2.1
On:
  [root@cumulus management]# uname -a
  Linux cumulus.eng.citrite.net 2.6.32-220.el6.x86_64 #1 SMP Tue Dec 6 19:48:22 GMT 2011 x86_64
x86_64 x86_64 GNU/Linux
  [root@cumulus management]#
Hypervisor :
  XenServer v6.02

Hi:

I am sure there is something not quite right with my syntax, but I can't isolate what it is.

I am trying to run ldapConfig API.

Here are the nonencoded variable values:

  &hostname=labscaler.eng.citrite.net
  &port=389
  &ssl=false
  &searchbase=dc=automation,dc=com,ou=people
  &queryfilter=(&(uid=%u))
  &binddn=dc=automation,dc=com,cn=admins,ou=labscaler
  &response=json

And, the LDAP bind dn password is SHA encrypted like so:

  &bindpass=KEXF/g4zPdynLVqmtqqSPiJnLuJi0Ga1

And, here is my final url:

http://10.217.5.192:8080/client/api?apikey=iFl88lw1Pk6gKqUIFPN8vzZbJNsUVdYGIJKBTEXtrymcIH5UWp9VHjgnpP_zCmaucmi8XmwK75TR70z-2ayjGA&command=ldapConfig&hostname=labscaler.eng.citrite.net&port=389&ssl=false&searchbase=dc%3Dautomation%2Cdc%3Dcom%2Cou%3Dpeople&queryfilter=%28%26%28uid%3D%25u%29%29&binddn=dc%3Dautomation%2Cdc%3Dcom%2Ccn%3Dadmins%2Cou%3Dlabscaler&bindpass=KEXF/g4zPdynLVqmtqqSPiJnLuJi0Ga1&response=json&signature=IiIdwQkuJFL5iHsX1ojWThchnjk%3D

The above url produces this error:

{ "ldapconfigresponse" : {"errorcode" : 401, "errortext" : "unable to verify user credentials
and/or request signature"}  }

Is the SHA encryption of the bind dn password a problem?

Or, is there a problem with the queryfilter?
I am encodng it a bit before encoding the entire url and applying the signature. That is,
here is how the queryfilter looks before full encoding:
  (%26(uid=%25u))

Initially I am translating the % and & before passing to my signing script - rather than
have my script deal with it.


Regards,

Evan Miller

Citrix Systems. Inc.
Desktop and Cloud Engineering Infrastructure
4988 Great America Parkway
Santa Clara, CA 95054


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message