You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@esme.apache.org by Imtiaz Ahmed H E <in...@gmail.com> on 2010/07/12 09:01:20 UTC
integration-admin role required for api2 calls ?
and how do you get this role ? Not having that role is probably why I'm getting '403 Forbidden' in the following...
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
http:/
/localhost:8080/api2/session
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ cat headers
HTTP/1.1 403 Forbidden
Expires: Sun, 11 Jul 2010 08:29:09 UTC
Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
Content-Length: 0
Date: Sun, 11 Jul 2010 08:29:09 UTC
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Server: Jetty(6.1.24)
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$
Imtiaz
Re: integration-admin role required for api2 calls ?
Posted by Richard Hirsch <hi...@gmail.com>.
Ethan might have a point - you will need two different tokens. One for
jetty environment and one for the tomcat environment.
Try this:
1. Start ESME using jetty: "mvn jetty:run"
2. Open a browser and type "http://localhost:8080"
3. Login with the user of choice.
4. Click on the "My Tokens" window and create a token.
5. Copy this token - let's say this token was "XYZ"
6. In a shell, type curl --dump-header headers -d "token=XYZ"
http://localhost:8080/api2/session
7. What happens?
2010/7/15 Imtiaz Ahmed H E <in...@gmail.com>:
> Makes sense.
>
> For a quick try-out of this would you tell me
> 1. How to create a user/login...user is 'imtiaz2', lets say...
> and
> 2. Create a token through the api with mvn jetty:run of esme...
>
> I guess that's it for now and I'll try it out. Looks like that will solve
> this conundrum(!) of mine which seems to be born out of my ignorance ! :(
>
> Imtiaz
>
> ----- Original Message ----- From: "Ethan Jewett" <es...@gmail.com>
> To: <es...@incubator.apache.org>
> Sent: Thursday, July 15, 2010 7:44 PM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> Hi Imtiaz,
>
> It looks like it's not finding the token when you are running using
> Jetty. Since I believe ESME will use a different datastore when
> running under Tomcat than it uses when running under Jetty, I think
> you will need to create a user and a token under Jetty, then use that
> token.
>
> Does that sound right to you? I could be totally off-base here, but
> that would be the first thing to check.
>
> If the token really does exist under Jetty, then can you change your
> println statement to the following and we'll go from there:
>
> auth <- { println("****token = " + token)
>
> Thanks,
> Ethan
>
> 2010/7/15 Imtiaz Ahmed H E <in...@gmail.com>:
>>
>> Ethan, hopefully you will be able to point me the way here...
>>
>> I have included in this mail at the end, addSession() in API2.scala with
>> some debug println's introduced. With this here's what I get----
>>
>>
>> -------------------------------------------------------------------------------------------
>> ------------------With mvn install and executing Esme in Tomcat curl
>> output
>> is ---------------------
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
>> http:/
>> /localhost:8080/esme-server-apache-esme-1.0-RC1-incubating/api2/session
>> <?xml version="1.0" encoding="UTF-8"?>
>>
>> <api><session><user><id>3</id><nickname>imtiaz2</nickname><image>None</image><w
>> ole_name>I A 2 H E</whole_name></user></session></api>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ cat headers
>> HTTP/1.1 200 OK
>> Server: Apache-Coyote/1.1
>> Set-Cookie: JSESSIONID=C60F80AD16EFD5BE6E55231EE6C7651D;
>> Path=/esme-server-apac
>> e-esme-1.0-RC1-incubating
>> Expires: Thu, 15 Jul 2010 13:44:35 UTC
>> Date: Thu, 15 Jul 2010 13:44:35 GMT
>> Pragma: no-cache
>> Cache-Control: no-cache; private; no-store
>> X-Lift-Version: 2.0-SNAPSHOT
>> Content-Type: text/xml;charset=utf-8
>> Content-Length: 178
>>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $
>>
>> -------------------------and in the Tomcat log
>> window....------------------------------
>>
>> INFO: Server startup in 25875 ms
>> ****auth =
>> Full(org.apache.esme.model.AuthToken={user=3,uniqueId=HEZTQKM525SAMIP
>> N4EDVRUOGHI40AKBL,createdDate=Sun, 11 Jul 2010 11:47:30
>> UTC,id=2,description=MyS
>> econdToken})
>> ****user =
>> Full(org.apache.esme.model.User={validated=false,uniqueId=0ZYRGE1WUDQ
>> 5EZJTPZBAV5OIB5AHX0PK,nickname=imtiaz2,firstName=I A 2,lastName=H
>> E,imageUrl=,ti
>> mezone=Asia/Calcutta,superUser=false,locale=en_US,id=3})
>> INFO - Service request (POST)
>> /esme-server-apache-esme-1.0-RC1-incubating/api2/s
>> ession took 218 Milliseconds
>> WARN - Going to buffer response body of large or unknown size. Using
>> getResponse
>> BodyAsStream instead is recommended.
>>
>>
>> ------------------------------------------------------------------------------
>> ---------------------------With mvn jetty:run and curl output is
>> ----------------------------
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ rm headers
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
>> http:/
>> /localhost:8080/api2/session
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ cat headers
>> HTTP/1.1 403 Forbidden
>> Expires: Thu, 15 Jul 2010 13:49:54 UTC
>> Set-Cookie: JSESSIONID=1eie2xmbi5yj71aagff9u961sm;Path=/
>> Content-Length: 0
>> Date: Thu, 15 Jul 2010 13:49:54 UTC
>> Pragma: no-cache
>> Content-Type: text/plain; charset=utf-8
>> Cache-Control: no-cache; private; no-store
>> X-Lift-Version: 2.0-SNAPSHOT
>> Server: Jetty(6.1.24)
>>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $
>>
>> ----------------------------------and in the jetty log
>> window-------------------------------------
>>
>> [INFO] Started Jetty Server
>> ****auth = Empty
>> INFO - Service request (POST) /api2/session took 328 Milliseconds
>>
>>
>> -------------------------------------------------------------------------------------------------
>> ---------------------- addSession in API2 with with debug println's as
>> follows-------------------
>>
>> def addSession(): LiftResponse = {
>> val r: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = if
>> (User.loggedIn_?) Empty else
>> for(token <- S.param("token")) yield {
>> val ret: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = for {
>> auth <- { println("****auth = " +
>> AuthToken.find(By(AuthToken.uniqueId, token)))
>> AuthToken.find(By(AuthToken.uniqueId, token)) }
>> user <- { println("****user = " + auth.user.obj)
>> auth.user.obj }
>> val user_xml: Elem = <session>{userToXml(user)}</session>
>> } yield {
>> User.logUserIn(user)
>> val myActor = buildActor(user.id)
>> messageRestActor(Full(myActor))
>> userRoles(AuthRole("integration-admin"))
>> (200,Map(),Full(user_xml))
>> }
>>
>> ret openOr (403,Map(),Empty)
>> }
>>
>> r
>> }
>>
>>
>>
>> Imtiaz
>> Imtiaz Ahmed H E
>> Cell +91.98452 84561
>> Bangalore, India
>>
>>
>>
>>
>> ----- Original Message ----- From: "Richard Hirsch"
>> <hi...@gmail.com>
>> To: <es...@incubator.apache.org>
>> Sent: Tuesday, July 13, 2010 9:54 AM
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>>
>> 2010/7/13 Imtiaz Ahmed H E <in...@gmail.com>:
>>>
>>> Why is that you don't need to include "Esme" as in
>>> http://localhost:8080/esme/api2/session but instead you say
>>> "http://localhost:8080/api2/session" when you use
>>> mvn jetty:run instead of Tomcat to use api2. The api seems to work
>>> correctly
>>> when invoked when running in Tomcat.
>>
>> In Tomcat you can have different applications running in the
>> container. Every time you put a war or ear file in Tomcat's webapps
>> directory, the files are extracted and the application is then
>> available using the name of the war/ear file file. Using mvn jetty:run
>> - there is just one application deployed (esme) and therefore, there
>> is no need for "esme" in the url.
>>
>>>
>>> Imtiaz
>>>
>>> ----- Original Message ----- From: "Richard Hirsch"
>>> <hi...@gmail.com>
>>> To: <es...@incubator.apache.org>
>>> Sent: Monday, July 12, 2010 8:13 PM
>>> Subject: Re: integration-admin role required for api2 calls ?
>>>
>>>
>>> On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in...@gmail.com>
>>> wrote:
>>>>
>>>> BTW, the steps I follow are:
>>>>
>>>> 1. mvn jetty:run
>>>> 2. Open cygwin prompt
>>>> 3, Execute curl commands.
>>>
>>> What command do you run in curl?
>>>
>>> When you run jetty - tomcat must be shut down. It usually listens on
>>> the same 8080 port.
>>>
>>>>
>>>> When previously opened Esme may have been left in logged in OR logged
>>>> out
>>>> state...
>>>>
>>>> Please find attached a jpg with the My Tokens page of ESME showing the
>>>> token
>>>> I have used in my curl command to dump headers.
>>>
>>> The esme-dev mailer usually deletes all attachments - so we won't get it
>>> :-<
>>>
>>>>
>>>> Maybe I need to step through API2's addSession() method. I stopped
>>>> stepping
>>>> through code when I moved to Java development 10 years back !. Or I need
>>>> to
>>>> figure out the basics of all that's going on inside addSession(),
>>>> especially
>>>> Lift-related, then maybe I can stick to my no-stepping-through-code
>>>> attitude
>>>> !
>>>>
>>>> Tried it again just now after shutting down a Tomcat instance of Esme
>>>> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in
>>>> the
>>>> dumped header.
>>>> Imtiaz
>>>>
>>>> ----- Original Message ----- From: "Ethan Jewett" <es...@gmail.com>
>>>> To: <es...@incubator.apache.org>
>>>> Cc: <in...@gmail.com>
>>>> Sent: Monday, July 12, 2010 7:35 PM
>>>> Subject: Re: integration-admin role required for api2 calls ?
>>>>
>>>>
>>>> For me, the following works fine:
>>>>
>>>> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
>>>> http://localhost:8080/api2/session
>>>>
>>>> Returns:
>>>>
>>>> <?xml version="1.0" encoding="UTF-8"?>
>>>>
>>>>
>>>>
>>>> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
>>>> Jewett</whole_name></user></session></api>
>>>>
>>>> Headers (from "cat headers"): HTTP/1.1 200 OK
>>>> Expires: Mon, 12 Jul 2010 14:02:15 UTC
>>>> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
>>>> Content-Length: 179
>>>> Date: Mon, 12 Jul 2010 14:02:15 UTC
>>>> Pragma: no-cache
>>>> Content-Type: text/xml; charset=utf-8
>>>> Cache-Control: no-cache; private; no-store
>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>> Server: Jetty(6.1.22)
>>>>
>>>> If you can confirm that the token exists in your installation, then we
>>>> have some sort of bug that I am unable to recreate at the moment and
>>>> we'll need to dig into it further.
>>>>
>>>> Ethan
>>>>
>>>>
>>>> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org>
>>>> wrote:
>>>>>
>>>>> It might also mean that there's no such URL so you have no access to
>>>>> such a resource.
>>>>>
>>>>> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>>>>>>
>>>>>> Why am I getting 403, the token is exactly as got from one of the
>>>>>> users
>>>>>> in the UI without an integration-admin role.
>>>>>>
>>>>>> Sent from BlackBerryŽ on Airtel
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Richard Hirsch <hi...@gmail.com>
>>>>>> Date: Mon, 12 Jul 2010 09:05:21
>>>>>> To: <es...@incubator.apache.org>
>>>>>> Reply-To: esme-dev@incubator.apache.org
>>>>>> Subject: Re: integration-admin role required for api2 calls ?
>>>>>>
>>>>>> you don't need the role to login in via the session method . You just
>>>>>> need the role when creating users or tokens via the api2.
>>>>>>
>>>>>> D.
>>>>>>
>>>>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E
>>>>>> <in...@gmail.com>
>>>>>> wrote:
>>>>>>>
>>>>>>> and how do you get this role ? Not having that role is probably why
>>>>>>> I'm
>>>>>>> getting '403 Forbidden' in the following...
>>>>>>>
>>>>>>>
>>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>>> $ curl --dump-header headers -d
>>>>>>> "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>>>>> http:/
>>>>>>> /localhost:8080/api2/session
>>>>>>>
>>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>>> $ cat headers
>>>>>>> HTTP/1.1 403 Forbidden
>>>>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>>>>> Content-Length: 0
>>>>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>>>>> Pragma: no-cache
>>>>>>> Content-Type: text/plain; charset=utf-8
>>>>>>> Cache-Control: no-cache; private; no-store
>>>>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>>>>> Server: Jetty(6.1.24)
>>>>>>>
>>>>>>>
>>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>>> $
>>>>>>>
>>>>>>> Imtiaz
>>>>>>
>>>>>
>>>>
>>>
>>>
>>
>>
>
>
Re: integration-admin role required for api2 calls ?
Posted by Imtiaz Ahmed H E <in...@gmail.com>.
Makes sense.
For a quick try-out of this would you tell me
1. How to create a user/login...user is 'imtiaz2', lets say...
and
2. Create a token through the api with mvn jetty:run of esme...
I guess that's it for now and I'll try it out. Looks like that will solve
this conundrum(!) of mine which seems to be born out of my ignorance ! :(
Imtiaz
----- Original Message -----
From: "Ethan Jewett" <es...@gmail.com>
To: <es...@incubator.apache.org>
Sent: Thursday, July 15, 2010 7:44 PM
Subject: Re: integration-admin role required for api2 calls ?
Hi Imtiaz,
It looks like it's not finding the token when you are running using
Jetty. Since I believe ESME will use a different datastore when
running under Tomcat than it uses when running under Jetty, I think
you will need to create a user and a token under Jetty, then use that
token.
Does that sound right to you? I could be totally off-base here, but
that would be the first thing to check.
If the token really does exist under Jetty, then can you change your
println statement to the following and we'll go from there:
auth <- { println("****token = " + token)
Thanks,
Ethan
2010/7/15 Imtiaz Ahmed H E <in...@gmail.com>:
> Ethan, hopefully you will be able to point me the way here...
>
> I have included in this mail at the end, addSession() in API2.scala with
> some debug println's introduced. With this here's what I get----
>
> -------------------------------------------------------------------------------------------
> ------------------With mvn install and executing Esme in Tomcat curl
> output
> is ---------------------
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
> http:/
> /localhost:8080/esme-server-apache-esme-1.0-RC1-incubating/api2/session
> <?xml version="1.0" encoding="UTF-8"?>
> <api><session><user><id>3</id><nickname>imtiaz2</nickname><image>None</image><w
> ole_name>I A 2 H E</whole_name></user></session></api>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ cat headers
> HTTP/1.1 200 OK
> Server: Apache-Coyote/1.1
> Set-Cookie: JSESSIONID=C60F80AD16EFD5BE6E55231EE6C7651D;
> Path=/esme-server-apac
> e-esme-1.0-RC1-incubating
> Expires: Thu, 15 Jul 2010 13:44:35 UTC
> Date: Thu, 15 Jul 2010 13:44:35 GMT
> Pragma: no-cache
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Content-Type: text/xml;charset=utf-8
> Content-Length: 178
>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $
>
> -------------------------and in the Tomcat log
> window....------------------------------
>
> INFO: Server startup in 25875 ms
> ****auth =
> Full(org.apache.esme.model.AuthToken={user=3,uniqueId=HEZTQKM525SAMIP
> N4EDVRUOGHI40AKBL,createdDate=Sun, 11 Jul 2010 11:47:30
> UTC,id=2,description=MyS
> econdToken})
> ****user =
> Full(org.apache.esme.model.User={validated=false,uniqueId=0ZYRGE1WUDQ
> 5EZJTPZBAV5OIB5AHX0PK,nickname=imtiaz2,firstName=I A 2,lastName=H
> E,imageUrl=,ti
> mezone=Asia/Calcutta,superUser=false,locale=en_US,id=3})
> INFO - Service request (POST)
> /esme-server-apache-esme-1.0-RC1-incubating/api2/s
> ession took 218 Milliseconds
> WARN - Going to buffer response body of large or unknown size. Using
> getResponse
> BodyAsStream instead is recommended.
>
> ------------------------------------------------------------------------------
> ---------------------------With mvn jetty:run and curl output is
> ----------------------------
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ rm headers
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
> http:/
> /localhost:8080/api2/session
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ cat headers
> HTTP/1.1 403 Forbidden
> Expires: Thu, 15 Jul 2010 13:49:54 UTC
> Set-Cookie: JSESSIONID=1eie2xmbi5yj71aagff9u961sm;Path=/
> Content-Length: 0
> Date: Thu, 15 Jul 2010 13:49:54 UTC
> Pragma: no-cache
> Content-Type: text/plain; charset=utf-8
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Server: Jetty(6.1.24)
>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $
>
> ----------------------------------and in the jetty log
> window-------------------------------------
>
> [INFO] Started Jetty Server
> ****auth = Empty
> INFO - Service request (POST) /api2/session took 328 Milliseconds
>
> -------------------------------------------------------------------------------------------------
> ---------------------- addSession in API2 with with debug println's as
> follows-------------------
>
> def addSession(): LiftResponse = {
> val r: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = if
> (User.loggedIn_?) Empty else
> for(token <- S.param("token")) yield {
> val ret: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = for {
> auth <- { println("****auth = " +
> AuthToken.find(By(AuthToken.uniqueId, token)))
> AuthToken.find(By(AuthToken.uniqueId, token)) }
> user <- { println("****user = " + auth.user.obj)
> auth.user.obj }
> val user_xml: Elem = <session>{userToXml(user)}</session>
> } yield {
> User.logUserIn(user)
> val myActor = buildActor(user.id)
> messageRestActor(Full(myActor))
> userRoles(AuthRole("integration-admin"))
> (200,Map(),Full(user_xml))
> }
>
> ret openOr (403,Map(),Empty)
> }
>
> r
> }
>
>
>
> Imtiaz
> Imtiaz Ahmed H E
> Cell +91.98452 84561
> Bangalore, India
>
>
>
>
> ----- Original Message ----- From: "Richard Hirsch"
> <hi...@gmail.com>
> To: <es...@incubator.apache.org>
> Sent: Tuesday, July 13, 2010 9:54 AM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> 2010/7/13 Imtiaz Ahmed H E <in...@gmail.com>:
>>
>> Why is that you don't need to include "Esme" as in
>> http://localhost:8080/esme/api2/session but instead you say
>> "http://localhost:8080/api2/session" when you use
>> mvn jetty:run instead of Tomcat to use api2. The api seems to work
>> correctly
>> when invoked when running in Tomcat.
>
> In Tomcat you can have different applications running in the
> container. Every time you put a war or ear file in Tomcat's webapps
> directory, the files are extracted and the application is then
> available using the name of the war/ear file file. Using mvn jetty:run
> - there is just one application deployed (esme) and therefore, there
> is no need for "esme" in the url.
>
>>
>> Imtiaz
>>
>> ----- Original Message ----- From: "Richard Hirsch"
>> <hi...@gmail.com>
>> To: <es...@incubator.apache.org>
>> Sent: Monday, July 12, 2010 8:13 PM
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>>
>> On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in...@gmail.com>
>> wrote:
>>>
>>> BTW, the steps I follow are:
>>>
>>> 1. mvn jetty:run
>>> 2. Open cygwin prompt
>>> 3, Execute curl commands.
>>
>> What command do you run in curl?
>>
>> When you run jetty - tomcat must be shut down. It usually listens on
>> the same 8080 port.
>>
>>>
>>> When previously opened Esme may have been left in logged in OR logged
>>> out
>>> state...
>>>
>>> Please find attached a jpg with the My Tokens page of ESME showing the
>>> token
>>> I have used in my curl command to dump headers.
>>
>> The esme-dev mailer usually deletes all attachments - so we won't get it
>> :-<
>>
>>>
>>> Maybe I need to step through API2's addSession() method. I stopped
>>> stepping
>>> through code when I moved to Java development 10 years back !. Or I need
>>> to
>>> figure out the basics of all that's going on inside addSession(),
>>> especially
>>> Lift-related, then maybe I can stick to my no-stepping-through-code
>>> attitude
>>> !
>>>
>>> Tried it again just now after shutting down a Tomcat instance of Esme
>>> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in
>>> the
>>> dumped header.
>>> Imtiaz
>>>
>>> ----- Original Message ----- From: "Ethan Jewett" <es...@gmail.com>
>>> To: <es...@incubator.apache.org>
>>> Cc: <in...@gmail.com>
>>> Sent: Monday, July 12, 2010 7:35 PM
>>> Subject: Re: integration-admin role required for api2 calls ?
>>>
>>>
>>> For me, the following works fine:
>>>
>>> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
>>> http://localhost:8080/api2/session
>>>
>>> Returns:
>>>
>>> <?xml version="1.0" encoding="UTF-8"?>
>>>
>>>
>>> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
>>> Jewett</whole_name></user></session></api>
>>>
>>> Headers (from "cat headers"): HTTP/1.1 200 OK
>>> Expires: Mon, 12 Jul 2010 14:02:15 UTC
>>> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
>>> Content-Length: 179
>>> Date: Mon, 12 Jul 2010 14:02:15 UTC
>>> Pragma: no-cache
>>> Content-Type: text/xml; charset=utf-8
>>> Cache-Control: no-cache; private; no-store
>>> X-Lift-Version: 2.0-SNAPSHOT
>>> Server: Jetty(6.1.22)
>>>
>>> If you can confirm that the token exists in your installation, then we
>>> have some sort of bug that I am unable to recreate at the moment and
>>> we'll need to dig into it further.
>>>
>>> Ethan
>>>
>>>
>>> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org>
>>> wrote:
>>>>
>>>> It might also mean that there's no such URL so you have no access to
>>>> such a resource.
>>>>
>>>> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>>>>>
>>>>> Why am I getting 403, the token is exactly as got from one of the
>>>>> users
>>>>> in the UI without an integration-admin role.
>>>>>
>>>>> Sent from BlackBerryŽ on Airtel
>>>>>
>>>>> -----Original Message-----
>>>>> From: Richard Hirsch <hi...@gmail.com>
>>>>> Date: Mon, 12 Jul 2010 09:05:21
>>>>> To: <es...@incubator.apache.org>
>>>>> Reply-To: esme-dev@incubator.apache.org
>>>>> Subject: Re: integration-admin role required for api2 calls ?
>>>>>
>>>>> you don't need the role to login in via the session method . You just
>>>>> need the role when creating users or tokens via the api2.
>>>>>
>>>>> D.
>>>>>
>>>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E
>>>>> <in...@gmail.com>
>>>>> wrote:
>>>>>>
>>>>>> and how do you get this role ? Not having that role is probably why
>>>>>> I'm
>>>>>> getting '403 Forbidden' in the following...
>>>>>>
>>>>>>
>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>> $ curl --dump-header headers -d
>>>>>> "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>>>> http:/
>>>>>> /localhost:8080/api2/session
>>>>>>
>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>> $ cat headers
>>>>>> HTTP/1.1 403 Forbidden
>>>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>>>> Content-Length: 0
>>>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>>>> Pragma: no-cache
>>>>>> Content-Type: text/plain; charset=utf-8
>>>>>> Cache-Control: no-cache; private; no-store
>>>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>>>> Server: Jetty(6.1.24)
>>>>>>
>>>>>>
>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>> $
>>>>>>
>>>>>> Imtiaz
>>>>>
>>>>
>>>
>>
>>
>
>
Re: integration-admin role required for api2 calls ?
Posted by Ethan Jewett <es...@gmail.com>.
Hi Imtiaz,
It looks like it's not finding the token when you are running using
Jetty. Since I believe ESME will use a different datastore when
running under Tomcat than it uses when running under Jetty, I think
you will need to create a user and a token under Jetty, then use that
token.
Does that sound right to you? I could be totally off-base here, but
that would be the first thing to check.
If the token really does exist under Jetty, then can you change your
println statement to the following and we'll go from there:
auth <- { println("****token = " + token)
Thanks,
Ethan
2010/7/15 Imtiaz Ahmed H E <in...@gmail.com>:
> Ethan, hopefully you will be able to point me the way here...
>
> I have included in this mail at the end, addSession() in API2.scala with
> some debug println's introduced. With this here's what I get----
>
> -------------------------------------------------------------------------------------------
> ------------------With mvn install and executing Esme in Tomcat curl output
> is ---------------------
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
> http:/
> /localhost:8080/esme-server-apache-esme-1.0-RC1-incubating/api2/session
> <?xml version="1.0" encoding="UTF-8"?>
> <api><session><user><id>3</id><nickname>imtiaz2</nickname><image>None</image><w
> ole_name>I A 2 H E</whole_name></user></session></api>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ cat headers
> HTTP/1.1 200 OK
> Server: Apache-Coyote/1.1
> Set-Cookie: JSESSIONID=C60F80AD16EFD5BE6E55231EE6C7651D;
> Path=/esme-server-apac
> e-esme-1.0-RC1-incubating
> Expires: Thu, 15 Jul 2010 13:44:35 UTC
> Date: Thu, 15 Jul 2010 13:44:35 GMT
> Pragma: no-cache
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Content-Type: text/xml;charset=utf-8
> Content-Length: 178
>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $
>
> -------------------------and in the Tomcat log
> window....------------------------------
>
> INFO: Server startup in 25875 ms
> ****auth =
> Full(org.apache.esme.model.AuthToken={user=3,uniqueId=HEZTQKM525SAMIP
> N4EDVRUOGHI40AKBL,createdDate=Sun, 11 Jul 2010 11:47:30
> UTC,id=2,description=MyS
> econdToken})
> ****user =
> Full(org.apache.esme.model.User={validated=false,uniqueId=0ZYRGE1WUDQ
> 5EZJTPZBAV5OIB5AHX0PK,nickname=imtiaz2,firstName=I A 2,lastName=H
> E,imageUrl=,ti
> mezone=Asia/Calcutta,superUser=false,locale=en_US,id=3})
> INFO - Service request (POST)
> /esme-server-apache-esme-1.0-RC1-incubating/api2/s
> ession took 218 Milliseconds
> WARN - Going to buffer response body of large or unknown size. Using
> getResponse
> BodyAsStream instead is recommended.
>
> ------------------------------------------------------------------------------
> ---------------------------With mvn jetty:run and curl output is
> ----------------------------
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ rm headers
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
> http:/
> /localhost:8080/api2/session
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ cat headers
> HTTP/1.1 403 Forbidden
> Expires: Thu, 15 Jul 2010 13:49:54 UTC
> Set-Cookie: JSESSIONID=1eie2xmbi5yj71aagff9u961sm;Path=/
> Content-Length: 0
> Date: Thu, 15 Jul 2010 13:49:54 UTC
> Pragma: no-cache
> Content-Type: text/plain; charset=utf-8
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Server: Jetty(6.1.24)
>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $
>
> ----------------------------------and in the jetty log
> window-------------------------------------
>
> [INFO] Started Jetty Server
> ****auth = Empty
> INFO - Service request (POST) /api2/session took 328 Milliseconds
>
> -------------------------------------------------------------------------------------------------
> ---------------------- addSession in API2 with with debug println's as
> follows-------------------
>
> def addSession(): LiftResponse = {
> val r: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = if
> (User.loggedIn_?) Empty else
> for(token <- S.param("token")) yield {
> val ret: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = for {
> auth <- { println("****auth = " +
> AuthToken.find(By(AuthToken.uniqueId, token)))
> AuthToken.find(By(AuthToken.uniqueId, token)) }
> user <- { println("****user = " + auth.user.obj)
> auth.user.obj }
> val user_xml: Elem = <session>{userToXml(user)}</session>
> } yield {
> User.logUserIn(user)
> val myActor = buildActor(user.id)
> messageRestActor(Full(myActor))
> userRoles(AuthRole("integration-admin"))
> (200,Map(),Full(user_xml))
> }
>
> ret openOr (403,Map(),Empty)
> }
>
> r
> }
>
>
>
> Imtiaz
> Imtiaz Ahmed H E
> Cell +91.98452 84561
> Bangalore, India
>
>
>
>
> ----- Original Message ----- From: "Richard Hirsch" <hi...@gmail.com>
> To: <es...@incubator.apache.org>
> Sent: Tuesday, July 13, 2010 9:54 AM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> 2010/7/13 Imtiaz Ahmed H E <in...@gmail.com>:
>>
>> Why is that you don't need to include "Esme" as in
>> http://localhost:8080/esme/api2/session but instead you say
>> "http://localhost:8080/api2/session" when you use
>> mvn jetty:run instead of Tomcat to use api2. The api seems to work
>> correctly
>> when invoked when running in Tomcat.
>
> In Tomcat you can have different applications running in the
> container. Every time you put a war or ear file in Tomcat's webapps
> directory, the files are extracted and the application is then
> available using the name of the war/ear file file. Using mvn jetty:run
> - there is just one application deployed (esme) and therefore, there
> is no need for "esme" in the url.
>
>>
>> Imtiaz
>>
>> ----- Original Message ----- From: "Richard Hirsch"
>> <hi...@gmail.com>
>> To: <es...@incubator.apache.org>
>> Sent: Monday, July 12, 2010 8:13 PM
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>>
>> On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in...@gmail.com>
>> wrote:
>>>
>>> BTW, the steps I follow are:
>>>
>>> 1. mvn jetty:run
>>> 2. Open cygwin prompt
>>> 3, Execute curl commands.
>>
>> What command do you run in curl?
>>
>> When you run jetty - tomcat must be shut down. It usually listens on
>> the same 8080 port.
>>
>>>
>>> When previously opened Esme may have been left in logged in OR logged out
>>> state...
>>>
>>> Please find attached a jpg with the My Tokens page of ESME showing the
>>> token
>>> I have used in my curl command to dump headers.
>>
>> The esme-dev mailer usually deletes all attachments - so we won't get it
>> :-<
>>
>>>
>>> Maybe I need to step through API2's addSession() method. I stopped
>>> stepping
>>> through code when I moved to Java development 10 years back !. Or I need
>>> to
>>> figure out the basics of all that's going on inside addSession(),
>>> especially
>>> Lift-related, then maybe I can stick to my no-stepping-through-code
>>> attitude
>>> !
>>>
>>> Tried it again just now after shutting down a Tomcat instance of Esme
>>> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in
>>> the
>>> dumped header.
>>> Imtiaz
>>>
>>> ----- Original Message ----- From: "Ethan Jewett" <es...@gmail.com>
>>> To: <es...@incubator.apache.org>
>>> Cc: <in...@gmail.com>
>>> Sent: Monday, July 12, 2010 7:35 PM
>>> Subject: Re: integration-admin role required for api2 calls ?
>>>
>>>
>>> For me, the following works fine:
>>>
>>> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
>>> http://localhost:8080/api2/session
>>>
>>> Returns:
>>>
>>> <?xml version="1.0" encoding="UTF-8"?>
>>>
>>>
>>> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
>>> Jewett</whole_name></user></session></api>
>>>
>>> Headers (from "cat headers"): HTTP/1.1 200 OK
>>> Expires: Mon, 12 Jul 2010 14:02:15 UTC
>>> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
>>> Content-Length: 179
>>> Date: Mon, 12 Jul 2010 14:02:15 UTC
>>> Pragma: no-cache
>>> Content-Type: text/xml; charset=utf-8
>>> Cache-Control: no-cache; private; no-store
>>> X-Lift-Version: 2.0-SNAPSHOT
>>> Server: Jetty(6.1.22)
>>>
>>> If you can confirm that the token exists in your installation, then we
>>> have some sort of bug that I am unable to recreate at the moment and
>>> we'll need to dig into it further.
>>>
>>> Ethan
>>>
>>>
>>> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org>
>>> wrote:
>>>>
>>>> It might also mean that there's no such URL so you have no access to
>>>> such a resource.
>>>>
>>>> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>>>>>
>>>>> Why am I getting 403, the token is exactly as got from one of the users
>>>>> in the UI without an integration-admin role.
>>>>>
>>>>> Sent from BlackBerryŽ on Airtel
>>>>>
>>>>> -----Original Message-----
>>>>> From: Richard Hirsch <hi...@gmail.com>
>>>>> Date: Mon, 12 Jul 2010 09:05:21
>>>>> To: <es...@incubator.apache.org>
>>>>> Reply-To: esme-dev@incubator.apache.org
>>>>> Subject: Re: integration-admin role required for api2 calls ?
>>>>>
>>>>> you don't need the role to login in via the session method . You just
>>>>> need the role when creating users or tokens via the api2.
>>>>>
>>>>> D.
>>>>>
>>>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com>
>>>>> wrote:
>>>>>>
>>>>>> and how do you get this role ? Not having that role is probably why
>>>>>> I'm
>>>>>> getting '403 Forbidden' in the following...
>>>>>>
>>>>>>
>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>> $ curl --dump-header headers -d
>>>>>> "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>>>> http:/
>>>>>> /localhost:8080/api2/session
>>>>>>
>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>> $ cat headers
>>>>>> HTTP/1.1 403 Forbidden
>>>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>>>> Content-Length: 0
>>>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>>>> Pragma: no-cache
>>>>>> Content-Type: text/plain; charset=utf-8
>>>>>> Cache-Control: no-cache; private; no-store
>>>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>>>> Server: Jetty(6.1.24)
>>>>>>
>>>>>>
>>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>>> $
>>>>>>
>>>>>> Imtiaz
>>>>>
>>>>
>>>
>>
>>
>
>
Re: integration-admin role required for api2 calls ?
Posted by Imtiaz Ahmed H E <in...@gmail.com>.
Ethan, hopefully you will be able to point me the way here...
I have included in this mail at the end, addSession() in API2.scala with
some debug println's introduced. With this here's what I get----
-------------------------------------------------------------------------------------------
------------------With mvn install and executing Esme in Tomcat curl output
is ---------------------
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
http:/
/localhost:8080/esme-server-apache-esme-1.0-RC1-incubating/api2/session
<?xml version="1.0" encoding="UTF-8"?>
<api><session><user><id>3</id><nickname>imtiaz2</nickname><image>None</image><w
ole_name>I A 2 H E</whole_name></user></session></api>
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ cat headers
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=C60F80AD16EFD5BE6E55231EE6C7651D;
Path=/esme-server-apac
e-esme-1.0-RC1-incubating
Expires: Thu, 15 Jul 2010 13:44:35 UTC
Date: Thu, 15 Jul 2010 13:44:35 GMT
Pragma: no-cache
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Content-Type: text/xml;charset=utf-8
Content-Length: 178
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$
-------------------------and in the Tomcat log
window....------------------------------
INFO: Server startup in 25875 ms
****auth =
Full(org.apache.esme.model.AuthToken={user=3,uniqueId=HEZTQKM525SAMIP
N4EDVRUOGHI40AKBL,createdDate=Sun, 11 Jul 2010 11:47:30
UTC,id=2,description=MyS
econdToken})
****user =
Full(org.apache.esme.model.User={validated=false,uniqueId=0ZYRGE1WUDQ
5EZJTPZBAV5OIB5AHX0PK,nickname=imtiaz2,firstName=I A 2,lastName=H
E,imageUrl=,ti
mezone=Asia/Calcutta,superUser=false,locale=en_US,id=3})
INFO - Service request (POST)
/esme-server-apache-esme-1.0-RC1-incubating/api2/s
ession took 218 Milliseconds
WARN - Going to buffer response body of large or unknown size. Using
getResponse
BodyAsStream instead is recommended.
------------------------------------------------------------------------------
---------------------------With mvn jetty:run and curl output
is ----------------------------
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ rm headers
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
http:/
/localhost:8080/api2/session
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$ cat headers
HTTP/1.1 403 Forbidden
Expires: Thu, 15 Jul 2010 13:49:54 UTC
Set-Cookie: JSESSIONID=1eie2xmbi5yj71aagff9u961sm;Path=/
Content-Length: 0
Date: Thu, 15 Jul 2010 13:49:54 UTC
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Server: Jetty(6.1.24)
imtiaz@imtiaz-20100131 /cygdrive/d/temp
$
----------------------------------and in the jetty log
window-------------------------------------
[INFO] Started Jetty Server
****auth = Empty
INFO - Service request (POST) /api2/session took 328 Milliseconds
-------------------------------------------------------------------------------------------------
---------------------- addSession in API2 with with debug println's as
follows-------------------
def addSession(): LiftResponse = {
val r: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = if
(User.loggedIn_?) Empty else
for(token <- S.param("token")) yield {
val ret: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = for {
auth <- { println("****auth = " +
AuthToken.find(By(AuthToken.uniqueId, token)))
AuthToken.find(By(AuthToken.uniqueId, token)) }
user <- { println("****user = " + auth.user.obj)
auth.user.obj }
val user_xml: Elem = <session>{userToXml(user)}</session>
} yield {
User.logUserIn(user)
val myActor = buildActor(user.id)
messageRestActor(Full(myActor))
userRoles(AuthRole("integration-admin"))
(200,Map(),Full(user_xml))
}
ret openOr (403,Map(),Empty)
}
r
}
Imtiaz
Imtiaz Ahmed H E
Cell +91.98452 84561
Bangalore, India
----- Original Message -----
From: "Richard Hirsch" <hi...@gmail.com>
To: <es...@incubator.apache.org>
Sent: Tuesday, July 13, 2010 9:54 AM
Subject: Re: integration-admin role required for api2 calls ?
2010/7/13 Imtiaz Ahmed H E <in...@gmail.com>:
> Why is that you don't need to include "Esme" as in
> http://localhost:8080/esme/api2/session but instead you say
> "http://localhost:8080/api2/session" when you use
> mvn jetty:run instead of Tomcat to use api2. The api seems to work
> correctly
> when invoked when running in Tomcat.
In Tomcat you can have different applications running in the
container. Every time you put a war or ear file in Tomcat's webapps
directory, the files are extracted and the application is then
available using the name of the war/ear file file. Using mvn jetty:run
- there is just one application deployed (esme) and therefore, there
is no need for "esme" in the url.
>
> Imtiaz
>
> ----- Original Message ----- From: "Richard Hirsch"
> <hi...@gmail.com>
> To: <es...@incubator.apache.org>
> Sent: Monday, July 12, 2010 8:13 PM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in...@gmail.com>
> wrote:
>>
>> BTW, the steps I follow are:
>>
>> 1. mvn jetty:run
>> 2. Open cygwin prompt
>> 3, Execute curl commands.
>
> What command do you run in curl?
>
> When you run jetty - tomcat must be shut down. It usually listens on
> the same 8080 port.
>
>>
>> When previously opened Esme may have been left in logged in OR logged out
>> state...
>>
>> Please find attached a jpg with the My Tokens page of ESME showing the
>> token
>> I have used in my curl command to dump headers.
>
> The esme-dev mailer usually deletes all attachments - so we won't get it
> :-<
>
>>
>> Maybe I need to step through API2's addSession() method. I stopped
>> stepping
>> through code when I moved to Java development 10 years back !. Or I need
>> to
>> figure out the basics of all that's going on inside addSession(),
>> especially
>> Lift-related, then maybe I can stick to my no-stepping-through-code
>> attitude
>> !
>>
>> Tried it again just now after shutting down a Tomcat instance of Esme
>> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in
>> the
>> dumped header.
>> Imtiaz
>>
>> ----- Original Message ----- From: "Ethan Jewett" <es...@gmail.com>
>> To: <es...@incubator.apache.org>
>> Cc: <in...@gmail.com>
>> Sent: Monday, July 12, 2010 7:35 PM
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>>
>> For me, the following works fine:
>>
>> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
>> http://localhost:8080/api2/session
>>
>> Returns:
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>>
>> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
>> Jewett</whole_name></user></session></api>
>>
>> Headers (from "cat headers"): HTTP/1.1 200 OK
>> Expires: Mon, 12 Jul 2010 14:02:15 UTC
>> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
>> Content-Length: 179
>> Date: Mon, 12 Jul 2010 14:02:15 UTC
>> Pragma: no-cache
>> Content-Type: text/xml; charset=utf-8
>> Cache-Control: no-cache; private; no-store
>> X-Lift-Version: 2.0-SNAPSHOT
>> Server: Jetty(6.1.22)
>>
>> If you can confirm that the token exists in your installation, then we
>> have some sort of bug that I am unable to recreate at the moment and
>> we'll need to dig into it further.
>>
>> Ethan
>>
>>
>> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org>
>> wrote:
>>>
>>> It might also mean that there's no such URL so you have no access to
>>> such a resource.
>>>
>>> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>>>>
>>>> Why am I getting 403, the token is exactly as got from one of the users
>>>> in the UI without an integration-admin role.
>>>>
>>>> Sent from BlackBerryŽ on Airtel
>>>>
>>>> -----Original Message-----
>>>> From: Richard Hirsch <hi...@gmail.com>
>>>> Date: Mon, 12 Jul 2010 09:05:21
>>>> To: <es...@incubator.apache.org>
>>>> Reply-To: esme-dev@incubator.apache.org
>>>> Subject: Re: integration-admin role required for api2 calls ?
>>>>
>>>> you don't need the role to login in via the session method . You just
>>>> need the role when creating users or tokens via the api2.
>>>>
>>>> D.
>>>>
>>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com>
>>>> wrote:
>>>>>
>>>>> and how do you get this role ? Not having that role is probably why
>>>>> I'm
>>>>> getting '403 Forbidden' in the following...
>>>>>
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $ curl --dump-header headers -d
>>>>> "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>>> http:/
>>>>> /localhost:8080/api2/session
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $ cat headers
>>>>> HTTP/1.1 403 Forbidden
>>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>>> Content-Length: 0
>>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>>> Pragma: no-cache
>>>>> Content-Type: text/plain; charset=utf-8
>>>>> Cache-Control: no-cache; private; no-store
>>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>>> Server: Jetty(6.1.24)
>>>>>
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $
>>>>>
>>>>> Imtiaz
>>>>
>>>
>>
>
>
Re: integration-admin role required for api2 calls ?
Posted by Richard Hirsch <hi...@gmail.com>.
2010/7/13 Imtiaz Ahmed H E <in...@gmail.com>:
> Why is that you don't need to include "Esme" as in
> http://localhost:8080/esme/api2/session but instead you say
> "http://localhost:8080/api2/session" when you use
> mvn jetty:run instead of Tomcat to use api2. The api seems to work correctly
> when invoked when running in Tomcat.
In Tomcat you can have different applications running in the
container. Every time you put a war or ear file in Tomcat's webapps
directory, the files are extracted and the application is then
available using the name of the war/ear file file. Using mvn jetty:run
- there is just one application deployed (esme) and therefore, there
is no need for "esme" in the url.
>
> Imtiaz
>
> ----- Original Message ----- From: "Richard Hirsch" <hi...@gmail.com>
> To: <es...@incubator.apache.org>
> Sent: Monday, July 12, 2010 8:13 PM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in...@gmail.com>
> wrote:
>>
>> BTW, the steps I follow are:
>>
>> 1. mvn jetty:run
>> 2. Open cygwin prompt
>> 3, Execute curl commands.
>
> What command do you run in curl?
>
> When you run jetty - tomcat must be shut down. It usually listens on
> the same 8080 port.
>
>>
>> When previously opened Esme may have been left in logged in OR logged out
>> state...
>>
>> Please find attached a jpg with the My Tokens page of ESME showing the
>> token
>> I have used in my curl command to dump headers.
>
> The esme-dev mailer usually deletes all attachments - so we won't get it :-<
>
>>
>> Maybe I need to step through API2's addSession() method. I stopped
>> stepping
>> through code when I moved to Java development 10 years back !. Or I need
>> to
>> figure out the basics of all that's going on inside addSession(),
>> especially
>> Lift-related, then maybe I can stick to my no-stepping-through-code
>> attitude
>> !
>>
>> Tried it again just now after shutting down a Tomcat instance of Esme
>> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in
>> the
>> dumped header.
>> Imtiaz
>>
>> ----- Original Message ----- From: "Ethan Jewett" <es...@gmail.com>
>> To: <es...@incubator.apache.org>
>> Cc: <in...@gmail.com>
>> Sent: Monday, July 12, 2010 7:35 PM
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>>
>> For me, the following works fine:
>>
>> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
>> http://localhost:8080/api2/session
>>
>> Returns:
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>>
>> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
>> Jewett</whole_name></user></session></api>
>>
>> Headers (from "cat headers"): HTTP/1.1 200 OK
>> Expires: Mon, 12 Jul 2010 14:02:15 UTC
>> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
>> Content-Length: 179
>> Date: Mon, 12 Jul 2010 14:02:15 UTC
>> Pragma: no-cache
>> Content-Type: text/xml; charset=utf-8
>> Cache-Control: no-cache; private; no-store
>> X-Lift-Version: 2.0-SNAPSHOT
>> Server: Jetty(6.1.22)
>>
>> If you can confirm that the token exists in your installation, then we
>> have some sort of bug that I am unable to recreate at the moment and
>> we'll need to dig into it further.
>>
>> Ethan
>>
>>
>> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org> wrote:
>>>
>>> It might also mean that there's no such URL so you have no access to
>>> such a resource.
>>>
>>> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>>>>
>>>> Why am I getting 403, the token is exactly as got from one of the users
>>>> in the UI without an integration-admin role.
>>>>
>>>> Sent from BlackBerryŽ on Airtel
>>>>
>>>> -----Original Message-----
>>>> From: Richard Hirsch <hi...@gmail.com>
>>>> Date: Mon, 12 Jul 2010 09:05:21
>>>> To: <es...@incubator.apache.org>
>>>> Reply-To: esme-dev@incubator.apache.org
>>>> Subject: Re: integration-admin role required for api2 calls ?
>>>>
>>>> you don't need the role to login in via the session method . You just
>>>> need the role when creating users or tokens via the api2.
>>>>
>>>> D.
>>>>
>>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com>
>>>> wrote:
>>>>>
>>>>> and how do you get this role ? Not having that role is probably why I'm
>>>>> getting '403 Forbidden' in the following...
>>>>>
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $ curl --dump-header headers -d
>>>>> "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>>> http:/
>>>>> /localhost:8080/api2/session
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $ cat headers
>>>>> HTTP/1.1 403 Forbidden
>>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>>> Content-Length: 0
>>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>>> Pragma: no-cache
>>>>> Content-Type: text/plain; charset=utf-8
>>>>> Cache-Control: no-cache; private; no-store
>>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>>> Server: Jetty(6.1.24)
>>>>>
>>>>>
>>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>>> $
>>>>>
>>>>> Imtiaz
>>>>
>>>
>>
>
>
Re: integration-admin role required for api2 calls ?
Posted by Imtiaz Ahmed H E <in...@gmail.com>.
Why is that you don't need to include "Esme" as in
http://localhost:8080/esme/api2/session but instead you say
"http://localhost:8080/api2/session" when you use
mvn jetty:run instead of Tomcat to use api2. The api seems to work correctly
when invoked when running in Tomcat.
Imtiaz
----- Original Message -----
From: "Richard Hirsch" <hi...@gmail.com>
To: <es...@incubator.apache.org>
Sent: Monday, July 12, 2010 8:13 PM
Subject: Re: integration-admin role required for api2 calls ?
On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in...@gmail.com>
wrote:
> BTW, the steps I follow are:
>
> 1. mvn jetty:run
> 2. Open cygwin prompt
> 3, Execute curl commands.
What command do you run in curl?
When you run jetty - tomcat must be shut down. It usually listens on
the same 8080 port.
>
> When previously opened Esme may have been left in logged in OR logged out
> state...
>
> Please find attached a jpg with the My Tokens page of ESME showing the
> token
> I have used in my curl command to dump headers.
The esme-dev mailer usually deletes all attachments - so we won't get it :-<
>
> Maybe I need to step through API2's addSession() method. I stopped
> stepping
> through code when I moved to Java development 10 years back !. Or I need
> to
> figure out the basics of all that's going on inside addSession(),
> especially
> Lift-related, then maybe I can stick to my no-stepping-through-code
> attitude
> !
>
> Tried it again just now after shutting down a Tomcat instance of Esme
> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in
> the
> dumped header.
> Imtiaz
>
> ----- Original Message ----- From: "Ethan Jewett" <es...@gmail.com>
> To: <es...@incubator.apache.org>
> Cc: <in...@gmail.com>
> Sent: Monday, July 12, 2010 7:35 PM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> For me, the following works fine:
>
> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
> http://localhost:8080/api2/session
>
> Returns:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
> Jewett</whole_name></user></session></api>
>
> Headers (from "cat headers"): HTTP/1.1 200 OK
> Expires: Mon, 12 Jul 2010 14:02:15 UTC
> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
> Content-Length: 179
> Date: Mon, 12 Jul 2010 14:02:15 UTC
> Pragma: no-cache
> Content-Type: text/xml; charset=utf-8
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Server: Jetty(6.1.22)
>
> If you can confirm that the token exists in your installation, then we
> have some sort of bug that I am unable to recreate at the moment and
> we'll need to dig into it further.
>
> Ethan
>
>
> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org> wrote:
>>
>> It might also mean that there's no such URL so you have no access to
>> such a resource.
>>
>> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>>>
>>> Why am I getting 403, the token is exactly as got from one of the users
>>> in the UI without an integration-admin role.
>>>
>>> Sent from BlackBerryŽ on Airtel
>>>
>>> -----Original Message-----
>>> From: Richard Hirsch <hi...@gmail.com>
>>> Date: Mon, 12 Jul 2010 09:05:21
>>> To: <es...@incubator.apache.org>
>>> Reply-To: esme-dev@incubator.apache.org
>>> Subject: Re: integration-admin role required for api2 calls ?
>>>
>>> you don't need the role to login in via the session method . You just
>>> need the role when creating users or tokens via the api2.
>>>
>>> D.
>>>
>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com>
>>> wrote:
>>>>
>>>> and how do you get this role ? Not having that role is probably why I'm
>>>> getting '403 Forbidden' in the following...
>>>>
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $ curl --dump-header headers -d
>>>> "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>> http:/
>>>> /localhost:8080/api2/session
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $ cat headers
>>>> HTTP/1.1 403 Forbidden
>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>> Content-Length: 0
>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>> Pragma: no-cache
>>>> Content-Type: text/plain; charset=utf-8
>>>> Cache-Control: no-cache; private; no-store
>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>> Server: Jetty(6.1.24)
>>>>
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $
>>>>
>>>> Imtiaz
>>>
>>
>
Re: integration-admin role required for api2 calls ?
Posted by Richard Hirsch <hi...@gmail.com>.
On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <in...@gmail.com> wrote:
> BTW, the steps I follow are:
>
> 1. mvn jetty:run
> 2. Open cygwin prompt
> 3, Execute curl commands.
What command do you run in curl?
When you run jetty - tomcat must be shut down. It usually listens on
the same 8080 port.
>
> When previously opened Esme may have been left in logged in OR logged out
> state...
>
> Please find attached a jpg with the My Tokens page of ESME showing the token
> I have used in my curl command to dump headers.
The esme-dev mailer usually deletes all attachments - so we won't get it :-<
>
> Maybe I need to step through API2's addSession() method. I stopped stepping
> through code when I moved to Java development 10 years back !. Or I need to
> figure out the basics of all that's going on inside addSession(), especially
> Lift-related, then maybe I can stick to my no-stepping-through-code attitude
> !
>
> Tried it again just now after shutting down a Tomcat instance of Esme
> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in the
> dumped header.
> Imtiaz
>
> ----- Original Message ----- From: "Ethan Jewett" <es...@gmail.com>
> To: <es...@incubator.apache.org>
> Cc: <in...@gmail.com>
> Sent: Monday, July 12, 2010 7:35 PM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> For me, the following works fine:
>
> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
> http://localhost:8080/api2/session
>
> Returns:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
> Jewett</whole_name></user></session></api>
>
> Headers (from "cat headers"): HTTP/1.1 200 OK
> Expires: Mon, 12 Jul 2010 14:02:15 UTC
> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
> Content-Length: 179
> Date: Mon, 12 Jul 2010 14:02:15 UTC
> Pragma: no-cache
> Content-Type: text/xml; charset=utf-8
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Server: Jetty(6.1.22)
>
> If you can confirm that the token exists in your installation, then we
> have some sort of bug that I am unable to recreate at the moment and
> we'll need to dig into it further.
>
> Ethan
>
>
> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org> wrote:
>>
>> It might also mean that there's no such URL so you have no access to
>> such a resource.
>>
>> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>>>
>>> Why am I getting 403, the token is exactly as got from one of the users
>>> in the UI without an integration-admin role.
>>>
>>> Sent from BlackBerryŽ on Airtel
>>>
>>> -----Original Message-----
>>> From: Richard Hirsch <hi...@gmail.com>
>>> Date: Mon, 12 Jul 2010 09:05:21
>>> To: <es...@incubator.apache.org>
>>> Reply-To: esme-dev@incubator.apache.org
>>> Subject: Re: integration-admin role required for api2 calls ?
>>>
>>> you don't need the role to login in via the session method . You just
>>> need the role when creating users or tokens via the api2.
>>>
>>> D.
>>>
>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com>
>>> wrote:
>>>>
>>>> and how do you get this role ? Not having that role is probably why I'm
>>>> getting '403 Forbidden' in the following...
>>>>
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>>> http:/
>>>> /localhost:8080/api2/session
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $ cat headers
>>>> HTTP/1.1 403 Forbidden
>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>>> Content-Length: 0
>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>>> Pragma: no-cache
>>>> Content-Type: text/plain; charset=utf-8
>>>> Cache-Control: no-cache; private; no-store
>>>> X-Lift-Version: 2.0-SNAPSHOT
>>>> Server: Jetty(6.1.24)
>>>>
>>>>
>>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>>> $
>>>>
>>>> Imtiaz
>>>
>>
>
Re: integration-admin role required for api2 calls ?
Posted by Imtiaz Ahmed H E <in...@gmail.com>.
BTW, the steps I follow are:
1. mvn jetty:run
2. Open cygwin prompt
3, Execute curl commands.
When previously opened Esme may have been left in logged in OR logged out
state...
Please find attached a jpg with the My Tokens page of ESME showing the token
I have used in my curl command to dump headers.
Maybe I need to step through API2's addSession() method. I stopped stepping
through code when I moved to Java development 10 years back !. Or I need to
figure out the basics of all that's going on inside addSession(), especially
Lift-related, then maybe I can stick to my no-stepping-through-code attitude
!
Tried it again just now after shutting down a Tomcat instance of Esme
leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in the
dumped header.
Imtiaz
----- Original Message -----
From: "Ethan Jewett" <es...@gmail.com>
To: <es...@incubator.apache.org>
Cc: <in...@gmail.com>
Sent: Monday, July 12, 2010 7:35 PM
Subject: Re: integration-admin role required for api2 calls ?
For me, the following works fine:
curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
http://localhost:8080/api2/session
Returns:
<?xml version="1.0" encoding="UTF-8"?>
<api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
Jewett</whole_name></user></session></api>
Headers (from "cat headers"): HTTP/1.1 200 OK
Expires: Mon, 12 Jul 2010 14:02:15 UTC
Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
Content-Length: 179
Date: Mon, 12 Jul 2010 14:02:15 UTC
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Server: Jetty(6.1.22)
If you can confirm that the token exists in your installation, then we
have some sort of bug that I am unable to recreate at the moment and
we'll need to dig into it further.
Ethan
On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org> wrote:
> It might also mean that there's no such URL so you have no access to
> such a resource.
>
> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>> Why am I getting 403, the token is exactly as got from one of the users
>> in the UI without an integration-admin role.
>>
>> Sent from BlackBerry® on Airtel
>>
>> -----Original Message-----
>> From: Richard Hirsch <hi...@gmail.com>
>> Date: Mon, 12 Jul 2010 09:05:21
>> To: <es...@incubator.apache.org>
>> Reply-To: esme-dev@incubator.apache.org
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>> you don't need the role to login in via the session method . You just
>> need the role when creating users or tokens via the api2.
>>
>> D.
>>
>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com>
>> wrote:
>>> and how do you get this role ? Not having that role is probably why I'm
>>> getting '403 Forbidden' in the following...
>>>
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>> http:/
>>> /localhost:8080/api2/session
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $ cat headers
>>> HTTP/1.1 403 Forbidden
>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>> Content-Length: 0
>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>> Pragma: no-cache
>>> Content-Type: text/plain; charset=utf-8
>>> Cache-Control: no-cache; private; no-store
>>> X-Lift-Version: 2.0-SNAPSHOT
>>> Server: Jetty(6.1.24)
>>>
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $
>>>
>>> Imtiaz
>>
>
Re: integration-admin role required for api2 calls ?
Posted by Ethan Jewett <es...@gmail.com>.
For me, the following works fine:
curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
http://localhost:8080/api2/session
Returns:
<?xml version="1.0" encoding="UTF-8"?>
<api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
Jewett</whole_name></user></session></api>
Headers (from "cat headers"): HTTP/1.1 200 OK
Expires: Mon, 12 Jul 2010 14:02:15 UTC
Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
Content-Length: 179
Date: Mon, 12 Jul 2010 14:02:15 UTC
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Server: Jetty(6.1.22)
If you can confirm that the token exists in your installation, then we
have some sort of bug that I am unable to recreate at the moment and
we'll need to dig into it further.
Ethan
On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <vd...@apache.org> wrote:
> It might also mean that there's no such URL so you have no access to
> such a resource.
>
> On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
>> Why am I getting 403, the token is exactly as got from one of the users in the UI without an integration-admin role.
>>
>> Sent from BlackBerry® on Airtel
>>
>> -----Original Message-----
>> From: Richard Hirsch <hi...@gmail.com>
>> Date: Mon, 12 Jul 2010 09:05:21
>> To: <es...@incubator.apache.org>
>> Reply-To: esme-dev@incubator.apache.org
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>> you don't need the role to login in via the session method . You just
>> need the role when creating users or tokens via the api2.
>>
>> D.
>>
>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com> wrote:
>>> and how do you get this role ? Not having that role is probably why I'm getting '403 Forbidden' in the following...
>>>
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>> http:/
>>> /localhost:8080/api2/session
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $ cat headers
>>> HTTP/1.1 403 Forbidden
>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>> Content-Length: 0
>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>> Pragma: no-cache
>>> Content-Type: text/plain; charset=utf-8
>>> Cache-Control: no-cache; private; no-store
>>> X-Lift-Version: 2.0-SNAPSHOT
>>> Server: Jetty(6.1.24)
>>>
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $
>>>
>>> Imtiaz
>>
>
Re: integration-admin role required for api2 calls ?
Posted by Vassil Dichev <vd...@apache.org>.
It might also mean that there's no such URL so you have no access to
such a resource.
On Mon, Jul 12, 2010 at 10:09 AM, <in...@gmail.com> wrote:
> Why am I getting 403, the token is exactly as got from one of the users in the UI without an integration-admin role.
>
> Sent from BlackBerry® on Airtel
>
> -----Original Message-----
> From: Richard Hirsch <hi...@gmail.com>
> Date: Mon, 12 Jul 2010 09:05:21
> To: <es...@incubator.apache.org>
> Reply-To: esme-dev@incubator.apache.org
> Subject: Re: integration-admin role required for api2 calls ?
>
> you don't need the role to login in via the session method . You just
> need the role when creating users or tokens via the api2.
>
> D.
>
> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com> wrote:
>> and how do you get this role ? Not having that role is probably why I'm getting '403 Forbidden' in the following...
>>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>> http:/
>> /localhost:8080/api2/session
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ cat headers
>> HTTP/1.1 403 Forbidden
>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>> Content-Length: 0
>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>> Pragma: no-cache
>> Content-Type: text/plain; charset=utf-8
>> Cache-Control: no-cache; private; no-store
>> X-Lift-Version: 2.0-SNAPSHOT
>> Server: Jetty(6.1.24)
>>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $
>>
>> Imtiaz
>
Re: integration-admin role required for api2 calls ?
Posted by Richard Hirsch <hi...@gmail.com>.
I just tried the old api and it works as well:
curl --dump-header headers -d "token=U3C5WWXGT1MITAF2E3XKV2LRXOFQCLO3"
http://localhost:8080/api/login
<?xml version="1.0" encoding="UTF-8"?>
<esme_api operation="login" success="true" ><xml:group></xml:group></esme_api>
I started with jetty:run
On Mon, Jul 12, 2010 at 4:08 PM, Imtiaz Ahmed H E <in...@gmail.com> wrote:
> Dick,
>
> The old API is not available in the current svn read only checkout (should
> be API.scala , I guess)
>
> Can you help ?
>
> Imtiaz
>
> ----- Original Message ----- From: "Richard Hirsch" <hi...@gmail.com>
> To: <es...@incubator.apache.org>; <in...@gmail.com>
> Sent: Monday, July 12, 2010 12:46 PM
> Subject: Re: integration-admin role required for api2 calls ?
>
>
> On Mon, Jul 12, 2010 at 9:09 AM, <in...@gmail.com> wrote:
>>
>> Why am I getting 403, the token is exactly as got from one of the users in
>> the UI without an integration-admin role.
>
> Are you sure that the token is correct?
>
> Ideas:
>
> * Start with mvn jetty:run and try ++++++ curl --dump-header headers
> -d "token=[YOUR_TOKEN]" http://localhost:8080/api2/session
>
> * Try the oldAPI with the same token -+++++ curl --dump-header
> headers -d "token=[YOUR_TOKEN]" http://localhost:8080/api/login
>
>
> D.
>
>
>>
>> Sent from BlackBerryŽ on Airtel
>>
>> -----Original Message-----
>> From: Richard Hirsch <hi...@gmail.com>
>> Date: Mon, 12 Jul 2010 09:05:21
>> To: <es...@incubator.apache.org>
>> Reply-To: esme-dev@incubator.apache.org
>> Subject: Re: integration-admin role required for api2 calls ?
>>
>> you don't need the role to login in via the session method . You just
>> need the role when creating users or tokens via the api2.
>>
>> D.
>>
>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com>
>> wrote:
>>>
>>> and how do you get this role ? Not having that role is probably why I'm
>>> getting '403 Forbidden' in the following...
>>>
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>>> http:/
>>> /localhost:8080/api2/session
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $ cat headers
>>> HTTP/1.1 403 Forbidden
>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>>> Content-Length: 0
>>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>>> Pragma: no-cache
>>> Content-Type: text/plain; charset=utf-8
>>> Cache-Control: no-cache; private; no-store
>>> X-Lift-Version: 2.0-SNAPSHOT
>>> Server: Jetty(6.1.24)
>>>
>>>
>>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>>> $
>>>
>>> Imtiaz
>>
>
>
Re: integration-admin role required for api2 calls ?
Posted by Imtiaz Ahmed H E <in...@gmail.com>.
Dick,
The old API is not available in the current svn read only checkout (should
be API.scala , I guess)
Can you help ?
Imtiaz
----- Original Message -----
From: "Richard Hirsch" <hi...@gmail.com>
To: <es...@incubator.apache.org>; <in...@gmail.com>
Sent: Monday, July 12, 2010 12:46 PM
Subject: Re: integration-admin role required for api2 calls ?
On Mon, Jul 12, 2010 at 9:09 AM, <in...@gmail.com> wrote:
> Why am I getting 403, the token is exactly as got from one of the users in
> the UI without an integration-admin role.
Are you sure that the token is correct?
Ideas:
* Start with mvn jetty:run and try ++++++ curl --dump-header headers
-d "token=[YOUR_TOKEN]" http://localhost:8080/api2/session
* Try the oldAPI with the same token -+++++ curl --dump-header
headers -d "token=[YOUR_TOKEN]" http://localhost:8080/api/login
D.
>
> Sent from BlackBerry® on Airtel
>
> -----Original Message-----
> From: Richard Hirsch <hi...@gmail.com>
> Date: Mon, 12 Jul 2010 09:05:21
> To: <es...@incubator.apache.org>
> Reply-To: esme-dev@incubator.apache.org
> Subject: Re: integration-admin role required for api2 calls ?
>
> you don't need the role to login in via the session method . You just
> need the role when creating users or tokens via the api2.
>
> D.
>
> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com>
> wrote:
>> and how do you get this role ? Not having that role is probably why I'm
>> getting '403 Forbidden' in the following...
>>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>> http:/
>> /localhost:8080/api2/session
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ cat headers
>> HTTP/1.1 403 Forbidden
>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>> Content-Length: 0
>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>> Pragma: no-cache
>> Content-Type: text/plain; charset=utf-8
>> Cache-Control: no-cache; private; no-store
>> X-Lift-Version: 2.0-SNAPSHOT
>> Server: Jetty(6.1.24)
>>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $
>>
>> Imtiaz
>
Re: integration-admin role required for api2 calls ?
Posted by Richard Hirsch <hi...@gmail.com>.
On Mon, Jul 12, 2010 at 9:09 AM, <in...@gmail.com> wrote:
> Why am I getting 403, the token is exactly as got from one of the users in the UI without an integration-admin role.
Are you sure that the token is correct?
Ideas:
* Start with mvn jetty:run and try ++++++ curl --dump-header headers
-d "token=[YOUR_TOKEN]" http://localhost:8080/api2/session
* Try the oldAPI with the same token -+++++ curl --dump-header
headers -d "token=[YOUR_TOKEN]" http://localhost:8080/api/login
D.
>
> Sent from BlackBerry® on Airtel
>
> -----Original Message-----
> From: Richard Hirsch <hi...@gmail.com>
> Date: Mon, 12 Jul 2010 09:05:21
> To: <es...@incubator.apache.org>
> Reply-To: esme-dev@incubator.apache.org
> Subject: Re: integration-admin role required for api2 calls ?
>
> you don't need the role to login in via the session method . You just
> need the role when creating users or tokens via the api2.
>
> D.
>
> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com> wrote:
>> and how do you get this role ? Not having that role is probably why I'm getting '403 Forbidden' in the following...
>>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
>> http:/
>> /localhost:8080/api2/session
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $ cat headers
>> HTTP/1.1 403 Forbidden
>> Expires: Sun, 11 Jul 2010 08:29:09 UTC
>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
>> Content-Length: 0
>> Date: Sun, 11 Jul 2010 08:29:09 UTC
>> Pragma: no-cache
>> Content-Type: text/plain; charset=utf-8
>> Cache-Control: no-cache; private; no-store
>> X-Lift-Version: 2.0-SNAPSHOT
>> Server: Jetty(6.1.24)
>>
>>
>> imtiaz@imtiaz-20100131 /cygdrive/d/temp
>> $
>>
>> Imtiaz
>
Re: integration-admin role required for api2 calls ?
Posted by in...@gmail.com.
Why am I getting 403, the token is exactly as got from one of the users in the UI without an integration-admin role.
Sent from BlackBerry® on Airtel
-----Original Message-----
From: Richard Hirsch <hi...@gmail.com>
Date: Mon, 12 Jul 2010 09:05:21
To: <es...@incubator.apache.org>
Reply-To: esme-dev@incubator.apache.org
Subject: Re: integration-admin role required for api2 calls ?
you don't need the role to login in via the session method . You just
need the role when creating users or tokens via the api2.
D.
On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com> wrote:
> and how do you get this role ? Not having that role is probably why I'm getting '403 Forbidden' in the following...
>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
> http:/
> /localhost:8080/api2/session
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ cat headers
> HTTP/1.1 403 Forbidden
> Expires: Sun, 11 Jul 2010 08:29:09 UTC
> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
> Content-Length: 0
> Date: Sun, 11 Jul 2010 08:29:09 UTC
> Pragma: no-cache
> Content-Type: text/plain; charset=utf-8
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Server: Jetty(6.1.24)
>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $
>
> Imtiaz
Re: integration-admin role required for api2 calls ?
Posted by Richard Hirsch <hi...@gmail.com>.
you don't need the role to login in via the session method . You just
need the role when creating users or tokens via the api2.
D.
On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <in...@gmail.com> wrote:
> and how do you get this role ? Not having that role is probably why I'm getting '403 Forbidden' in the following...
>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
> http:/
> /localhost:8080/api2/session
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $ cat headers
> HTTP/1.1 403 Forbidden
> Expires: Sun, 11 Jul 2010 08:29:09 UTC
> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
> Content-Length: 0
> Date: Sun, 11 Jul 2010 08:29:09 UTC
> Pragma: no-cache
> Content-Type: text/plain; charset=utf-8
> Cache-Control: no-cache; private; no-store
> X-Lift-Version: 2.0-SNAPSHOT
> Server: Jetty(6.1.24)
>
>
> imtiaz@imtiaz-20100131 /cygdrive/d/temp
> $
>
> Imtiaz