taverna-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ian Dunlop <ianwdun...@gmail.com>
Subject Re: Taverna Player Portal User login Authentication
Date Fri, 02 Sep 2016 13:45:10 GMT
Hello,

When Larry did the auth for the tav mobile app he used basic auth using the
code you can find here
https://github.com/apache/incubator-taverna-mobile/blob/4daa91d3f42b5a4474303fd39c7a7ec1483cebff/app/src/main/java/org/apache/taverna/mobile/fragments/workflowdetails/WorkflowdetailFragment.java#L686

The hardest part was figuring out how to base 64 encode the params because
Rails and Java seemed to do it diferently - see the end of
https://github.com/apache/incubator-taverna-mobile/blob/4daa91d3f42b5a4474303fd39c7a7ec1483cebff/app/src/main/java/org/apache/taverna/mobile/fragments/workflowdetails/WorkflowdetailFragment.java#L688

@Stian Android removed http client a while ago and recommended using
HttpURLConnection instead
https://developer.android.com/reference/java/net/HttpURLConnection.html

I wouldn't mess around with form submission since you can use a more API
based login in the portal.

Cheers,

Ian

On 2 September 2016 at 14:02, Stian Soiland-Reyes <stain@apache.org> wrote:

> On 2 September 2016 at 13:17, Sagar <kumarsagar15795@gmail.com> wrote:
>
> > I am integrating taverna player portal in taverna mobile.
> > I am getting error on user login to taverna player portal
> >
> > I can log in it by using this code by replacing email and password to
> your
> > email and password
> >
> > curl -X POST -H "Accept: application/json" -H "Cache-Control: no-cache"
> -H
> > "Content-Type: application/x-www-form-urlencoded" -d
> 'user[email]=*email*
> > &user[password]=*password*&user[remember_me]=0&commit=Sign in' "
> > http://139.59.28.12:3000/users/sign_in"
> >
> > i am getting
> > {"status":"406","error":"Not Acceptable"}
> > for correct credential
> >
> >
> > I am getting
> > {
> >   "error": "Invalid email or password."
> > }
> > for incorrect credential
> >
> > if I remove Accept header then I am getting  200 Status Code for both the
> > correct and incorrect credential.
> >
> > So how can I distinguish between correct and incorrect credential?
>
>
> The simple answer is to include that Accept header and then check for
> HTTP/1.1 401 Unauthorized :)
>
> It should be quite easy to do that using HTTPClient.
>
>
> I think you can also use basic authentication instead of submitting
> the form, as the error includes:
>
> WWW-Authenticate: Basic realm="Application"
>
> However it seems using /users/sign_in you still HAVE to do an empty
> POST (as GET has no JSON representation), e.g.
>
> curl -v -H "Accept: application/json" -X POST -d "" --anyauth --user
> fred:s3cret http://139.59.28.12:3000/users/sign_in
>
>
>
>
> I think the proper answer is that the HTTP status response to the
> browser (Accept: text/html or no Accept at all) is technically wrong
> (it's not 200 OK) - but probably on purpose by Rails, because you
> don't want a 401 basic authenticatoin login dialog popping up when you
> have a nice HTML form.
>
> I could not find any of the code doing /user/sign_in in
> https://github.com/myGrid/taverna-player-portal/tree/
> master/app/controllers
> or https://github.com/myGrid/taverna-player/tree/master/
> app/controllers/taverna_player
> - perhaps Rob or Finn knows how this is handled?
>
>
> --
> Stian Soiland-Reyes
> Apache Taverna (incubating), Apache Commons
> http://orcid.org/0000-0001-9842-9718
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message