On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <[email protected]> wrote: > BTW, the steps I follow are: > > 1. mvn jetty:run > 2. Open cygwin prompt > 3, Execute curl commands.
What command do you run in curl? When you run jetty - tomcat must be shut down. It usually listens on the same 8080 port. > > When previously opened Esme may have been left in logged in OR logged out > state... > > Please find attached a jpg with the My Tokens page of ESME showing the token > I have used in my curl command to dump headers. The esme-dev mailer usually deletes all attachments - so we won't get it :-< > > Maybe I need to step through API2's addSession() method. I stopped stepping > through code when I moved to Java development 10 years back !. Or I need to > figure out the basics of all that's going on inside addSession(), especially > Lift-related, then maybe I can stick to my no-stepping-through-code attitude > ! > > Tried it again just now after shutting down a Tomcat instance of Esme > leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in the > dumped header. > Imtiaz > > ----- Original Message ----- From: "Ethan Jewett" <[email protected]> > To: <[email protected]> > Cc: <[email protected]> > Sent: Monday, July 12, 2010 7:35 PM > Subject: Re: integration-admin role required for api2 calls ? > > > For me, the following works fine: > > curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3" > http://localhost:8080/api2/session > > Returns: > > <?xml version="1.0" encoding="UTF-8"?> > <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan > Jewett</whole_name></user></session></api> > > Headers (from "cat headers"): HTTP/1.1 200 OK > Expires: Mon, 12 Jul 2010 14:02:15 UTC > Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/ > Content-Length: 179 > Date: Mon, 12 Jul 2010 14:02:15 UTC > Pragma: no-cache > Content-Type: text/xml; charset=utf-8 > Cache-Control: no-cache; private; no-store > X-Lift-Version: 2.0-SNAPSHOT > Server: Jetty(6.1.22) > > If you can confirm that the token exists in your installation, then we > have some sort of bug that I am unable to recreate at the moment and > we'll need to dig into it further. > > Ethan > > > On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <[email protected]> wrote: >> >> It might also mean that there's no such URL so you have no access to >> such a resource. >> >> On Mon, Jul 12, 2010 at 10:09 AM, <[email protected]> wrote: >>> >>> Why am I getting 403, the token is exactly as got from one of the users >>> in the UI without an integration-admin role. >>> >>> Sent from BlackBerryŽ on Airtel >>> >>> -----Original Message----- >>> From: Richard Hirsch <[email protected]> >>> Date: Mon, 12 Jul 2010 09:05:21 >>> To: <[email protected]> >>> Reply-To: [email protected] >>> Subject: Re: integration-admin role required for api2 calls ? >>> >>> you don't need the role to login in via the session method . You just >>> need the role when creating users or tokens via the api2. >>> >>> D. >>> >>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <[email protected]> >>> wrote: >>>> >>>> and how do you get this role ? Not having that role is probably why I'm >>>> getting '403 Forbidden' in the following... >>>> >>>> >>>> imt...@imtiaz-20100131 /cygdrive/d/temp >>>> $ curl --dump-header headers -d "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ" >>>> http:/ >>>> /localhost:8080/api2/session >>>> >>>> imt...@imtiaz-20100131 /cygdrive/d/temp >>>> $ cat headers >>>> HTTP/1.1 403 Forbidden >>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC >>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/ >>>> Content-Length: 0 >>>> Date: Sun, 11 Jul 2010 08:29:09 UTC >>>> Pragma: no-cache >>>> Content-Type: text/plain; charset=utf-8 >>>> Cache-Control: no-cache; private; no-store >>>> X-Lift-Version: 2.0-SNAPSHOT >>>> Server: Jetty(6.1.24) >>>> >>>> >>>> imt...@imtiaz-20100131 /cygdrive/d/temp >>>> $ >>>> >>>> Imtiaz >>> >> >
