esme-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Imtiaz Ahmed H E" <in.imt...@gmail.com>
Subject Re: integration-admin role required for api2 calls ?
Date Thu, 15 Jul 2010 13:58:34 GMT
Ethan, hopefully you will be able to point me the way here...

I have included in this mail at the end, addSession() in API2.scala with 
some debug println's introduced. With this here's what I get----

-------------------------------------------------------------------------------------------
------------------With mvn install and executing Esme in Tomcat curl output 
is ---------------------

imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL" 
http:/
/localhost:8080/esme-server-apache-esme-1.0-RC1-incubating/api2/session
<?xml version="1.0" encoding="UTF-8"?>
<api><session><user><id>3</id><nickname>imtiaz2</nickname><image>None</image><w
ole_name>I A 2 H E</whole_name></user></session></api>

imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ cat headers
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=C60F80AD16EFD5BE6E55231EE6C7651D; 
Path=/esme-server-apac
e-esme-1.0-RC1-incubating
Expires: Thu, 15 Jul 2010 13:44:35 UTC
Date: Thu, 15 Jul 2010 13:44:35 GMT
Pragma: no-cache
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Content-Type: text/xml;charset=utf-8
Content-Length: 178


imtiaz@imtiaz-20100131 /cygdrive/d/temp
$

-------------------------and in the Tomcat log 
window....------------------------------

INFO: Server startup in 25875 ms
****auth = 
Full(org.apache.esme.model.AuthToken={user=3,uniqueId=HEZTQKM525SAMIP
N4EDVRUOGHI40AKBL,createdDate=Sun, 11 Jul 2010 11:47:30 
UTC,id=2,description=MyS
econdToken})
****user = 
Full(org.apache.esme.model.User={validated=false,uniqueId=0ZYRGE1WUDQ
5EZJTPZBAV5OIB5AHX0PK,nickname=imtiaz2,firstName=I A 2,lastName=H 
E,imageUrl=,ti
mezone=Asia/Calcutta,superUser=false,locale=en_US,id=3})
INFO - Service request (POST) 
/esme-server-apache-esme-1.0-RC1-incubating/api2/s
ession took 218 Milliseconds
WARN - Going to buffer response body of large or unknown size. Using 
getResponse
BodyAsStream instead is recommended.

------------------------------------------------------------------------------
---------------------------With mvn jetty:run and curl output 
is ----------------------------

imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ rm headers

imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL" 
http:/
/localhost:8080/api2/session

imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ cat headers
HTTP/1.1 403 Forbidden
Expires: Thu, 15 Jul 2010 13:49:54 UTC
Set-Cookie: JSESSIONID=1eie2xmbi5yj71aagff9u961sm;Path=/
Content-Length: 0
Date: Thu, 15 Jul 2010 13:49:54 UTC
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Server: Jetty(6.1.24)


imtiaz@imtiaz-20100131 /cygdrive/d/temp
$

----------------------------------and in the jetty log 
window-------------------------------------

[INFO] Started Jetty Server
****auth = Empty
INFO - Service request (POST) /api2/session took 328 Milliseconds

-------------------------------------------------------------------------------------------------
---------------------- addSession in API2 with with debug println's as 
follows-------------------

def addSession(): LiftResponse = {
    val r: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = if 
(User.loggedIn_?) Empty else
    for(token <- S.param("token")) yield {
      val ret: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = for {
        auth <- { println("****auth = " + 
AuthToken.find(By(AuthToken.uniqueId, token)))
          AuthToken.find(By(AuthToken.uniqueId, token)) }
        user <- { println("****user = " + auth.user.obj)
          auth.user.obj }
        val user_xml: Elem = <session>{userToXml(user)}</session>
      } yield {
        User.logUserIn(user)
        val myActor = buildActor(user.id)
        messageRestActor(Full(myActor))
        userRoles(AuthRole("integration-admin"))
        (200,Map(),Full(user_xml))
      }

      ret openOr (403,Map(),Empty)
    }

    r
  }



Imtiaz
Imtiaz Ahmed H E
Cell +91.98452 84561
Bangalore, India




----- Original Message ----- 
From: "Richard Hirsch" <hirsch.dick@gmail.com>
To: <esme-dev@incubator.apache.org>
Sent: Tuesday, July 13, 2010 9:54 AM
Subject: Re: integration-admin role required for api2 calls ?


2010/7/13 Imtiaz Ahmed H E <in.imtiaz@gmail.com>:
> Why is that you don't need to include "Esme" as in
> http://localhost:8080/esme/api2/session but instead you say
> "http://localhost:8080/api2/session" when you use
> mvn jetty:run instead of Tomcat to use api2. The api seems to work 
> correctly
> when invoked when running in Tomcat.

In Tomcat you can have different applications running in the
container. Every time you put a war or ear file in Tomcat's webapps
directory, the files are extracted and the application is then
available using the name of the war/ear file file. Using mvn jetty:run
- there is just one application deployed (esme) and therefore, there
is no need for "esme" in the url.

>
> Imtiaz
>
> ----- Original Message ----- From: "Richard Hirsch" 
> <hirsch.dick@gmail.com>
> To: <esme-dev@incubator.apache.org>
> Sent: Monday, July 12, 2010 8:13 PM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in.imtiaz@gmail.com>
> wrote:
>>
>> BTW, the steps I follow are:
>>
>> 1. mvn jetty:run
>> 2. Open cygwin prompt
>> 3, Execute curl commands.
>
> What command do you run in curl?
>
> When you run jetty - tomcat must be shut down. It usually listens on
> the same 8080 port.
>
>>
>> When previously opened Esme may have been left in logged in OR logged out
>> state...
>>
>> Please find attached a jpg with the My Tokens page of ESME showing the
>> token
>> I have used in my curl command to dump headers.
>
> The esme-dev mailer usually deletes all attachments - so we won't get it 
> :-<
>
>>
>> Maybe I need to step through API2's addSession() method. I stopped
>> stepping
>> through code when I moved to Java development 10 years back !. Or I need
>> to
>> figure out the basics of all that's going on inside addSession(),
>> especially
>> Lift-related, then maybe I can stick to my no-stepping-through-code
>> attitude
>> !
>>
>> Tried it again just now after shutting down a Tomcat instance of Esme
>> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in
>> the
>> dumped header.
>> Imtiaz
>>
>> ----- Original Message ----- From: "Ethan Jewett" <esjewett@gmail.com>
>> To: <esme-dev@incubator.apache.org>
>> Cc: <in.imtiaz@gmail.com>
>> Sent: Monday, July 12, 2010 7:35 PM
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>>
>> For me, the following works fine:
>>
>> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
>> http://localhost:8080/api2/session
>>
>> Returns:
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>>
>> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
>> Jewett</whole_name></user></session></api>
>>
>> Headers (from "cat headers"): HTTP/1.1 200 OK
>> Expires: Mon, 12 Jul 2010 14:02:15 UTC
>> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
>> Content-Length: 179
>> Date: Mon, 12 Jul 2010 14:02:15 UTC
>> Pragma: no-cache
>> Content-Type: text/xml; charset=utf-8
>> Cache-Control: no-cache; private; no-store
>> X-Lift-Version: 2.0-SNAPSHOT
>> Server: Jetty(6.1.22)
>>
>> If you can confirm that the token exists in your installation, then we
>> have some sort of bug that I am unable to recreate at the moment and
>> we'll need to dig into it further.
>>
>> Ethan
>>
>>
>> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vdichev@apache.org> 
>> wrote:
>>>
>>> It might also mean that there's no such URL so you have no access to
>>> such a resource.
>>>
>>> On Mon, Jul 12, 2010 at 10:09 AM, <in.imtiaz@gmail.com> wrote:
>>>>
>>>> Why am I getting 403, the token is exactly as got from one of the users
>>>> in the UI without an integration-admin role.
>>>>
>>>> Sent from BlackBerryĹ˝ on Airtel
>>>>
>>>> -----Original Message-----
>>>> From: Richard Hirsch <hirsch.dick@gmail.com>
>>>> Date: Mon, 12 Jul 2010 09:05:21
>>>> To: <esme-dev@incubator.apache.org>
>>>> Reply-To: esme-dev@incubator.apache.org
>>>> Subject: Re: integration-admin role required for api2 calls ?
>>>>
>>>> you don't need the role to login in via the session method . You just
>>>> need the role when creating users or tokens via the api2.
>>>>
>>>> D.
>>>>
>>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in.imtiaz@gmail.com>
>>>> wrote:
>>>>>
>>>>> and how do you get this role ? Not having that role is probably why 
>>>>> I'm
>>>>> getting '403 Forbidden' in the following...
>>>>>
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $ curl --dump-header headers -d
>>>>> "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>>> http:/
>>>>> /localhost:8080/api2/session
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $ cat headers
>>>>> HTTP/1.1 403 Forbidden
>>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>>> Content-Length: 0
>>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>>> Pragma: no-cache
>>>>> Content-Type: text/plain; charset=utf-8
>>>>> Cache-Control: no-cache; private; no-store
>>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>>> Server: Jetty(6.1.24)
>>>>>
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $
>>>>>
>>>>> Imtiaz
>>>>
>>>
>>
>
> 


Mime
View raw message