Ethan, hopefully you will be able to point me the way here...
I have included in this mail at the end, addSession() in API2.scala with
some debug println's introduced. With this here's what I get----
-------------------------------------------------------------------------------------------
------------------With mvn install and executing Esme in Tomcat curl output
is ---------------------
imt...@imtiaz-20100131 /cygdrive/d/temp
$ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
http:/
/localhost:8080/esme-server-apache-esme-1.0-RC1-incubating/api2/session
<?xml version="1.0" encoding="UTF-8"?>
<api><session><user><id>3</id><nickname>imtiaz2</nickname><image>None</image><w
ole_name>I A 2 H E</whole_name></user></session></api>
imt...@imtiaz-20100131 /cygdrive/d/temp
$ cat headers
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=C60F80AD16EFD5BE6E55231EE6C7651D;
Path=/esme-server-apac
e-esme-1.0-RC1-incubating
Expires: Thu, 15 Jul 2010 13:44:35 UTC
Date: Thu, 15 Jul 2010 13:44:35 GMT
Pragma: no-cache
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Content-Type: text/xml;charset=utf-8
Content-Length: 178
imt...@imtiaz-20100131 /cygdrive/d/temp
$
-------------------------and in the Tomcat log
window....------------------------------
INFO: Server startup in 25875 ms
****auth =
Full(org.apache.esme.model.AuthToken={user=3,uniqueId=HEZTQKM525SAMIP
N4EDVRUOGHI40AKBL,createdDate=Sun, 11 Jul 2010 11:47:30
UTC,id=2,description=MyS
econdToken})
****user =
Full(org.apache.esme.model.User={validated=false,uniqueId=0ZYRGE1WUDQ
5EZJTPZBAV5OIB5AHX0PK,nickname=imtiaz2,firstName=I A 2,lastName=H
E,imageUrl=,ti
mezone=Asia/Calcutta,superUser=false,locale=en_US,id=3})
INFO - Service request (POST)
/esme-server-apache-esme-1.0-RC1-incubating/api2/s
ession took 218 Milliseconds
WARN - Going to buffer response body of large or unknown size. Using
getResponse
BodyAsStream instead is recommended.
------------------------------------------------------------------------------
---------------------------With mvn jetty:run and curl output
is ----------------------------
imt...@imtiaz-20100131 /cygdrive/d/temp
$ rm headers
imt...@imtiaz-20100131 /cygdrive/d/temp
$ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL"
http:/
/localhost:8080/api2/session
imt...@imtiaz-20100131 /cygdrive/d/temp
$ cat headers
HTTP/1.1 403 Forbidden
Expires: Thu, 15 Jul 2010 13:49:54 UTC
Set-Cookie: JSESSIONID=1eie2xmbi5yj71aagff9u961sm;Path=/
Content-Length: 0
Date: Thu, 15 Jul 2010 13:49:54 UTC
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Server: Jetty(6.1.24)
imt...@imtiaz-20100131 /cygdrive/d/temp
$
----------------------------------and in the jetty log
window-------------------------------------
[INFO] Started Jetty Server
****auth = Empty
INFO - Service request (POST) /api2/session took 328 Milliseconds
-------------------------------------------------------------------------------------------------
---------------------- addSession in API2 with with debug println's as
follows-------------------
def addSession(): LiftResponse = {
val r: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = if
(User.loggedIn_?) Empty else
for(token <- S.param("token")) yield {
val ret: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = for {
auth <- { println("****auth = " +
AuthToken.find(By(AuthToken.uniqueId, token)))
AuthToken.find(By(AuthToken.uniqueId, token)) }
user <- { println("****user = " + auth.user.obj)
auth.user.obj }
val user_xml: Elem = <session>{userToXml(user)}</session>
} yield {
User.logUserIn(user)
val myActor = buildActor(user.id)
messageRestActor(Full(myActor))
userRoles(AuthRole("integration-admin"))
(200,Map(),Full(user_xml))
}
ret openOr (403,Map(),Empty)
}
r
}
Imtiaz
Imtiaz Ahmed H E
Cell +91.98452 84561
Bangalore, India
----- Original Message -----
From: "Richard Hirsch" <[email protected]>
To: <[email protected]>
Sent: Tuesday, July 13, 2010 9:54 AM
Subject: Re: integration-admin role required for api2 calls ?
2010/7/13 Imtiaz Ahmed H E <[email protected]>:
Why is that you don't need to include "Esme" as in
http://localhost:8080/esme/api2/session but instead you say
"http://localhost:8080/api2/session"; when you use
mvn jetty:run instead of Tomcat to use api2. The api seems to work
correctly
when invoked when running in Tomcat.
In Tomcat you can have different applications running in the
container. Every time you put a war or ear file in Tomcat's webapps
directory, the files are extracted and the application is then
available using the name of the war/ear file file. Using mvn jetty:run
- there is just one application deployed (esme) and therefore, there
is no need for "esme" in the url.
Imtiaz
----- Original Message ----- From: "Richard Hirsch"
<[email protected]>
To: <[email protected]>
Sent: Monday, July 12, 2010 8:13 PM
Subject: Re: integration-admin role required for api2 calls ?
On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <[email protected]>
wrote:
BTW, the steps I follow are:
1. mvn jetty:run
2. Open cygwin prompt
3, Execute curl commands.
What command do you run in curl?
When you run jetty - tomcat must be shut down. It usually listens on
the same 8080 port.
When previously opened Esme may have been left in logged in OR logged out
state...
Please find attached a jpg with the My Tokens page of ESME showing the
token
I have used in my curl command to dump headers.
The esme-dev mailer usually deletes all attachments - so we won't get it
:-<
Maybe I need to step through API2's addSession() method. I stopped
stepping
through code when I moved to Java development 10 years back !. Or I need
to
figure out the basics of all that's going on inside addSession(),
especially
Lift-related, then maybe I can stick to my no-stepping-through-code
attitude
!
Tried it again just now after shutting down a Tomcat instance of Esme
leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in
the
dumped header.
Imtiaz
----- Original Message ----- From: "Ethan Jewett" <[email protected]>
To: <[email protected]>
Cc: <[email protected]>
Sent: Monday, July 12, 2010 7:35 PM
Subject: Re: integration-admin role required for api2 calls ?
For me, the following works fine:
curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3"
http://localhost:8080/api2/session
Returns:
<?xml version="1.0" encoding="UTF-8"?>
<api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan
Jewett</whole_name></user></session></api>
Headers (from "cat headers"): HTTP/1.1 200 OK
Expires: Mon, 12 Jul 2010 14:02:15 UTC
Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/
Content-Length: 179
Date: Mon, 12 Jul 2010 14:02:15 UTC
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Server: Jetty(6.1.22)
If you can confirm that the token exists in your installation, then we
have some sort of bug that I am unable to recreate at the moment and
we'll need to dig into it further.
Ethan
On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <[email protected]>
wrote:
It might also mean that there's no such URL so you have no access to
such a resource.
On Mon, Jul 12, 2010 at 10:09 AM, <[email protected]> wrote:
Why am I getting 403, the token is exactly as got from one of the users
in the UI without an integration-admin role.
Sent from BlackBerryŽ on Airtel
-----Original Message-----
From: Richard Hirsch <[email protected]>
Date: Mon, 12 Jul 2010 09:05:21
To: <[email protected]>
Reply-To: [email protected]
Subject: Re: integration-admin role required for api2 calls ?
you don't need the role to login in via the session method . You just
need the role when creating users or tokens via the api2.
D.
On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E <[email protected]>
wrote:
and how do you get this role ? Not having that role is probably why
I'm
getting '403 Forbidden' in the following...
imt...@imtiaz-20100131 /cygdrive/d/temp
$ curl --dump-header headers -d
"token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ"
http:/
/localhost:8080/api2/session
imt...@imtiaz-20100131 /cygdrive/d/temp
$ cat headers
HTTP/1.1 403 Forbidden
Expires: Sun, 11 Jul 2010 08:29:09 UTC
Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/
Content-Length: 0
Date: Sun, 11 Jul 2010 08:29:09 UTC
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache; private; no-store
X-Lift-Version: 2.0-SNAPSHOT
Server: Jetty(6.1.24)
imt...@imtiaz-20100131 /cygdrive/d/temp
$
Imtiaz
