You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Richard Barnett (JIRA)" <ji...@codehaus.org> on 2014/04/16 08:39:10 UTC

[jira] (MCHANGES-324) Plugin logs into JIRA, but doesn't seem to make the status request with the session

    [ https://jira.codehaus.org/browse/MCHANGES-324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=344992#comment-344992 ] 

Richard Barnett commented on MCHANGES-324:
------------------------------------------

I just saw that 2.10 has been released so thought I'd test it.

Using 2.9 with the MCHANGES-291 patch works.
Using the release of 2.10 does not.  
I think the JIRA api request for {{.../status}} is missing the {{studio.crowd.tokenkey}} cookie from the {{/session}} response.

Patched 2.9 {{-X}} output:
{code}
...
Address: https://palomamobile.atlassian.net/rest/api/2/status
Http-Method: GET
Content-Type: application/json
Headers: {Accept=[application/json], Content-Type=[application/json], Cookie=[studio.crowd.tokenkey=02a9...sg00; Domain=.palomamobile.atlassian.net; Path=/; Secure; HttpOnly, studio.crowd.tokenkey=""; Domain=.palomamobile.atlassian.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure; HttpOnly, JSESSIONID=357B...C779; Path=/; Secure; HttpOnly, atlassian.xsrf.token=BEV2-GO5R-UEXG-O36M|7809ad18ca297320d74fe09e58528ed0c6bd63b7|lout; Path=/; Secure]}

Response-Code: 200
Headers: {Cache-Control=[no-cache, no-store, no-transform], connection=[keep-alive], Content-Length=[5769], content-type=[application/json;charset=UTF-8], Date=[Wed, 16 Apr 2014 06:16:24 GMT], Server=[nginx], Set-Cookie=[atlassian.xsrf.token=BEV2-GO5R-UEXG-O36M|8cabb1d1131c4474fb2e0b9752bc96705d0c9e86|lin; Path=/; Secure], Strict-Transport-Security=[max-age=315360000;includeSubdomains], Vary=[Accept-Encoding], X-AREQUESTID=[976x17573x1], X-ASEN=[SEN-2342040], X-ASESSIONID=[105s9dl], X-AUSERNAME=[richard], X-Content-Type-Options=[nosniff], X-Seraph-LoginReason=[OK]}
...
Payload: [{...},...]
{code}

2.10 {{-X}} output:
{code}
...
Address: https://palomamobile.atlassian.net/rest/api/2/status
Http-Method: GET
Content-Type: application/json
Headers: {Accept=[application/json], Content-Type=[application/json], Cookie=[$Version="1"; JSESSIONID=B587...D705; $Path=/, $Version="1"; atlassian.xsrf.token=BEV2-GO5R-UEXG-O36M|5fff433f88eef360c36b07b6a3613bf8aac947c9|lout; $Path=/, $Version="1"; studio.crowd.tokenkey=""]}

Response-Code: 200
Headers: {Cache-Control=[no-cache, no-store, no-transform], connection=[keep-alive], Content-Length=[2], content-type=[application/json;charset=UTF-8], Date=[Wed, 16 Apr 2014 06:07:58 GMT], Server=[nginx], Strict-Transport-Security=[max-age=315360000;includeSubdomains], Vary=[Accept-Encoding], X-AREQUESTID=[967x17557x1], X-ASEN=[SEN-2342040], X-ASESSIONID=[b0z5dq], X-AUSERNAME=[anonymous], X-Content-Type-Options=[nosniff]}
...
Payload: []
{code}

> Plugin logs into JIRA, but doesn't seem to make the status request with the session
> -----------------------------------------------------------------------------------
>
>                 Key: MCHANGES-324
>                 URL: https://jira.codehaus.org/browse/MCHANGES-324
>             Project: Maven Changes Plugin
>          Issue Type: Bug
>          Components: jira
>            Reporter: Antony Stubbs
>            Assignee: Dennis Lundberg
>             Fix For: 2.10
>
>
> After successful login, I end up with:
> {code}
> Nov 11, 2013 5:47:19 PM org.apache.cxf.interceptor.LoggingOutInterceptor
> INFO: Outbound Message
> ---------------------------
> ID: 3
> Address: https://xxxxxxxxxxxxxxxxx/rest/api/2/status
> Http-Method: GET
> Content-Type: application/json
> Headers: {Accept=[application/json], Content-Type=[application/json]}
> --------------------------------------
> Nov 11, 2013 5:47:19 PM org.apache.cxf.interceptor.LoggingInInterceptor
> INFO: Inbound Message
> ----------------------------
> ID: 3
> Response-Code: 200
> Encoding: UTF-8
> Content-Type: application/json;charset=UTF-8
> Headers: {Cache-Control=[no-cache, no-store, no-transform], connection=[keep-alive], Content-Length=[2], content-type=[application/json;charset=UTF-8], Date=[Mon, 11 Nov 2013 22:47:30 GMT], Server=[nginx], Set-Cookie=[atlassian.xsrf.token=B14E-GL73-6FKZ-OP3B|dd19dbabf6f82c59be235929d3f1ee8d9e41fa4a|lout; Path=/], Strict-Transport-Security=[max-age=315360000;includeSubdomains], Vary=[Accept-Encoding], X-AREQUESTID=[1067x34467x1], X-ASEN=[SEN-2356824], X-AUSERNAME=[anonymous]}
> Payload: []
> {code}
> Which returns nothing as you can see. I think that may be because it has X-AUSERNAME=[anonymous] ? Instead of using the session it created...
> After logging into jira in chrome, pasting the just the rest url into the browser returns all the different status (works as I'd expect).



--
This message was sent by Atlassian JIRA
(v6.1.6#6162)