incubator-esme-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Hirsch <hirsch.d...@gmail.com>
Subject Re: integration-admin role required for api2 calls ?
Date Mon, 12 Jul 2010 14:43:56 GMT
On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in.imtiaz@gmail.com> wrote:
> BTW, the steps I follow are:
>
> 1. mvn jetty:run
> 2. Open cygwin prompt
> 3, Execute curl commands.

What command do you run in curl?

When you run jetty - tomcat must be shut down. It usually listens on
the same 8080 port.

>
> When previously opened Esme may have been left in logged in OR logged out
> state...
>
> Please find attached a jpg with the My Tokens page of ESME showing the token
> I have used in my curl command to dump headers.

The esme-dev mailer usually deletes all attachments - so we won't get it :-<

>
> Maybe I need to step through API2's addSession() method. I stopped stepping
> through code when I moved to Java development 10 years back !. Or I need to
> figure out the basics of all that's going on inside addSession(), especially
> Lift-related, then maybe I can stick to my no-stepping-through-code attitude
> !
>
> Tried it again just now after shutting down a Tomcat instance of Esme
> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in the
> dumped header.
> Imtiaz
>
> ----- Original Message ----- From: "Ethan Jewett" <esjewett@gmail.com>
> To: <esme-dev@incubator.apache.org>
> Cc: <in.imtiaz@gmail.com>
> Sent: Monday, July 12, 2010 7:35 PM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> For me, the following works fine:
>
> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
> http://localhost:8080/api2/session
>
> Returns:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
> Jewett</whole_name></user></session></api>
>
> Headers (from "cat headers"): HTTP/1.1 200 OK
> Expires: Mon, 12 Jul 2010 14:02:15 UTC
> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
> Content-Length: 179
> Date: Mon, 12 Jul 2010 14:02:15 UTC
> Pragma: no-cache
> Content-Type: text/xml; charset=utf-8
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Server: Jetty(6.1.22)
>
> If you can confirm that the token exists in your installation, then we
> have some sort of bug that I am unable to recreate at the moment and
> we'll need to dig into it further.
>
> Ethan
>
>
> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vdichev@apache.org> wrote:
>>
>> It might also mean that there's no such URL so you have no access to
>> such a resource.
>>
>> On Mon, Jul 12, 2010 at 10:09 AM, <in.imtiaz@gmail.com> wrote:
>>>
>>> Why am I getting 403, the token is exactly as got from one of the users
>>> in the UI without an integration-admin role.
>>>
>>> Sent from BlackBerryĹ˝ on Airtel
>>>
>>> -----Original Message-----
>>> From: Richard Hirsch <hirsch.dick@gmail.com>
>>> Date: Mon, 12 Jul 2010 09:05:21
>>> To: <esme-dev@incubator.apache.org>
>>> Reply-To: esme-dev@incubator.apache.org
>>> Subject: Re: integration-admin role required for api2 calls ?
>>>
>>> you don't need the role to login in via the session method . You just
>>> need the role when creating users or tokens via the api2.
>>>
>>> D.
>>>
>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in.imtiaz@gmail.com>
>>> wrote:
>>>>
>>>> and how do you get this role ? Not having that role is probably why I'm
>>>> getting '403 Forbidden' in the following...
>>>>
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>> http:/
>>>> /localhost:8080/api2/session
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $ cat headers
>>>> HTTP/1.1 403 Forbidden
>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>> Content-Length: 0
>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>> Pragma: no-cache
>>>> Content-Type: text/plain; charset=utf-8
>>>> Cache-Control: no-cache; private; no-store
>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>> Server: Jetty(6.1.24)
>>>>
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $
>>>>
>>>> Imtiaz
>>>
>>
>

Mime
View raw message