Ethan might have a point - you will need two different tokens. One for jetty environment and one for the tomcat environment.
Try this: 1. Start ESME using jetty: "mvn jetty:run" 2. Open a browser and type "http://localhost:8080"; 3. Login with the user of choice. 4. Click on the "My Tokens" window and create a token. 5. Copy this token - let's say this token was "XYZ" 6. In a shell, type curl --dump-header headers -d "token=XYZ" http://localhost:8080/api2/session 7. What happens? 2010/7/15 Imtiaz Ahmed H E <[email protected]>: > Makes sense. > > For a quick try-out of this would you tell me > 1. How to create a user/login...user is 'imtiaz2', lets say... > and > 2. Create a token through the api with mvn jetty:run of esme... > > I guess that's it for now and I'll try it out. Looks like that will solve > this conundrum(!) of mine which seems to be born out of my ignorance ! :( > > Imtiaz > > ----- Original Message ----- From: "Ethan Jewett" <[email protected]> > To: <[email protected]> > Sent: Thursday, July 15, 2010 7:44 PM > Subject: Re: integration-admin role required for api2 calls ? > > > Hi Imtiaz, > > It looks like it's not finding the token when you are running using > Jetty. Since I believe ESME will use a different datastore when > running under Tomcat than it uses when running under Jetty, I think > you will need to create a user and a token under Jetty, then use that > token. > > Does that sound right to you? I could be totally off-base here, but > that would be the first thing to check. > > If the token really does exist under Jetty, then can you change your > println statement to the following and we'll go from there: > > auth <- { println("****token = " + token) > > Thanks, > Ethan > > 2010/7/15 Imtiaz Ahmed H E <[email protected]>: >> >> Ethan, hopefully you will be able to point me the way here... >> >> I have included in this mail at the end, addSession() in API2.scala with >> some debug println's introduced. With this here's what I get---- >> >> >> ------------------------------------------------------------------------------------------- >> ------------------With mvn install and executing Esme in Tomcat curl >> output >> is --------------------- >> >> imt...@imtiaz-20100131 /cygdrive/d/temp >> $ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL" >> http:/ >> /localhost:8080/esme-server-apache-esme-1.0-RC1-incubating/api2/session >> <?xml version="1.0" encoding="UTF-8"?> >> >> <api><session><user><id>3</id><nickname>imtiaz2</nickname><image>None</image><w >> ole_name>I A 2 H E</whole_name></user></session></api> >> >> imt...@imtiaz-20100131 /cygdrive/d/temp >> $ cat headers >> HTTP/1.1 200 OK >> Server: Apache-Coyote/1.1 >> Set-Cookie: JSESSIONID=C60F80AD16EFD5BE6E55231EE6C7651D; >> Path=/esme-server-apac >> e-esme-1.0-RC1-incubating >> Expires: Thu, 15 Jul 2010 13:44:35 UTC >> Date: Thu, 15 Jul 2010 13:44:35 GMT >> Pragma: no-cache >> Cache-Control: no-cache; private; no-store >> X-Lift-Version: 2.0-SNAPSHOT >> Content-Type: text/xml;charset=utf-8 >> Content-Length: 178 >> >> >> imt...@imtiaz-20100131 /cygdrive/d/temp >> $ >> >> -------------------------and in the Tomcat log >> window....------------------------------ >> >> INFO: Server startup in 25875 ms >> ****auth = >> Full(org.apache.esme.model.AuthToken={user=3,uniqueId=HEZTQKM525SAMIP >> N4EDVRUOGHI40AKBL,createdDate=Sun, 11 Jul 2010 11:47:30 >> UTC,id=2,description=MyS >> econdToken}) >> ****user = >> Full(org.apache.esme.model.User={validated=false,uniqueId=0ZYRGE1WUDQ >> 5EZJTPZBAV5OIB5AHX0PK,nickname=imtiaz2,firstName=I A 2,lastName=H >> E,imageUrl=,ti >> mezone=Asia/Calcutta,superUser=false,locale=en_US,id=3}) >> INFO - Service request (POST) >> /esme-server-apache-esme-1.0-RC1-incubating/api2/s >> ession took 218 Milliseconds >> WARN - Going to buffer response body of large or unknown size. Using >> getResponse >> BodyAsStream instead is recommended. >> >> >> ------------------------------------------------------------------------------ >> ---------------------------With mvn jetty:run and curl output is >> ---------------------------- >> >> imt...@imtiaz-20100131 /cygdrive/d/temp >> $ rm headers >> >> imt...@imtiaz-20100131 /cygdrive/d/temp >> $ curl --dump-header headers -d "token=HEZTQKM525SAMIPN4EDVRUOGHI40AKBL" >> http:/ >> /localhost:8080/api2/session >> >> imt...@imtiaz-20100131 /cygdrive/d/temp >> $ cat headers >> HTTP/1.1 403 Forbidden >> Expires: Thu, 15 Jul 2010 13:49:54 UTC >> Set-Cookie: JSESSIONID=1eie2xmbi5yj71aagff9u961sm;Path=/ >> Content-Length: 0 >> Date: Thu, 15 Jul 2010 13:49:54 UTC >> Pragma: no-cache >> Content-Type: text/plain; charset=utf-8 >> Cache-Control: no-cache; private; no-store >> X-Lift-Version: 2.0-SNAPSHOT >> Server: Jetty(6.1.24) >> >> >> imt...@imtiaz-20100131 /cygdrive/d/temp >> $ >> >> ----------------------------------and in the jetty log >> window------------------------------------- >> >> [INFO] Started Jetty Server >> ****auth = Empty >> INFO - Service request (POST) /api2/session took 328 Milliseconds >> >> >> ------------------------------------------------------------------------------------------------- >> ---------------------- addSession in API2 with with debug println's as >> follows------------------- >> >> def addSession(): LiftResponse = { >> val r: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = if >> (User.loggedIn_?) Empty else >> for(token <- S.param("token")) yield { >> val ret: Box[Tuple3[Int,Map[String,String],Box[Elem]]] = for { >> auth <- { println("****auth = " + >> AuthToken.find(By(AuthToken.uniqueId, token))) >> AuthToken.find(By(AuthToken.uniqueId, token)) } >> user <- { println("****user = " + auth.user.obj) >> auth.user.obj } >> val user_xml: Elem = <session>{userToXml(user)}</session> >> } yield { >> User.logUserIn(user) >> val myActor = buildActor(user.id) >> messageRestActor(Full(myActor)) >> userRoles(AuthRole("integration-admin")) >> (200,Map(),Full(user_xml)) >> } >> >> ret openOr (403,Map(),Empty) >> } >> >> r >> } >> >> >> >> Imtiaz >> Imtiaz Ahmed H E >> Cell +91.98452 84561 >> Bangalore, India >> >> >> >> >> ----- Original Message ----- From: "Richard Hirsch" >> <[email protected]> >> To: <[email protected]> >> Sent: Tuesday, July 13, 2010 9:54 AM >> Subject: Re: integration-admin role required for api2 calls ? >> >> >> 2010/7/13 Imtiaz Ahmed H E <[email protected]>: >>> >>> Why is that you don't need to include "Esme" as in >>> http://localhost:8080/esme/api2/session but instead you say >>> "http://localhost:8080/api2/session"; when you use >>> mvn jetty:run instead of Tomcat to use api2. The api seems to work >>> correctly >>> when invoked when running in Tomcat. >> >> In Tomcat you can have different applications running in the >> container. Every time you put a war or ear file in Tomcat's webapps >> directory, the files are extracted and the application is then >> available using the name of the war/ear file file. Using mvn jetty:run >> - there is just one application deployed (esme) and therefore, there >> is no need for "esme" in the url. >> >>> >>> Imtiaz >>> >>> ----- Original Message ----- From: "Richard Hirsch" >>> <[email protected]> >>> To: <[email protected]> >>> Sent: Monday, July 12, 2010 8:13 PM >>> Subject: Re: integration-admin role required for api2 calls ? >>> >>> >>> On Mon, Jul 12, 2010 at 4:28 PM, Imtiaz Ahmed H E <[email protected]> >>> wrote: >>>> >>>> BTW, the steps I follow are: >>>> >>>> 1. mvn jetty:run >>>> 2. Open cygwin prompt >>>> 3, Execute curl commands. >>> >>> What command do you run in curl? >>> >>> When you run jetty - tomcat must be shut down. It usually listens on >>> the same 8080 port. >>> >>>> >>>> When previously opened Esme may have been left in logged in OR logged >>>> out >>>> state... >>>> >>>> Please find attached a jpg with the My Tokens page of ESME showing the >>>> token >>>> I have used in my curl command to dump headers. >>> >>> The esme-dev mailer usually deletes all attachments - so we won't get it >>> :-< >>> >>>> >>>> Maybe I need to step through API2's addSession() method. I stopped >>>> stepping >>>> through code when I moved to Java development 10 years back !. Or I need >>>> to >>>> figure out the basics of all that's going on inside addSession(), >>>> especially >>>> Lift-related, then maybe I can stick to my no-stepping-through-code >>>> attitude >>>> ! >>>> >>>> Tried it again just now after shutting down a Tomcat instance of Esme >>>> leaving Esme user, imtiaz2, logged in...got the same '403 Forbidden' in >>>> the >>>> dumped header. >>>> Imtiaz >>>> >>>> ----- Original Message ----- From: "Ethan Jewett" <[email protected]> >>>> To: <[email protected]> >>>> Cc: <[email protected]> >>>> Sent: Monday, July 12, 2010 7:35 PM >>>> Subject: Re: integration-admin role required for api2 calls ? >>>> >>>> >>>> For me, the following works fine: >>>> >>>> curl --dump-header headers -d "token=KMETDTRX01VV5MVS1RHV2CNGMUKENUB3" >>>> http://localhost:8080/api2/session >>>> >>>> Returns: >>>> >>>> <?xml version="1.0" encoding="UTF-8"?> >>>> >>>> >>>> >>>> <api><session><user><id>24</id><nickname>test</nickname><image>None</image><whole_name>Ethan >>>> Jewett</whole_name></user></session></api> >>>> >>>> Headers (from "cat headers"): HTTP/1.1 200 OK >>>> Expires: Mon, 12 Jul 2010 14:02:15 UTC >>>> Set-Cookie: JSESSIONID=2041ucsme2i8;Path=/ >>>> Content-Length: 179 >>>> Date: Mon, 12 Jul 2010 14:02:15 UTC >>>> Pragma: no-cache >>>> Content-Type: text/xml; charset=utf-8 >>>> Cache-Control: no-cache; private; no-store >>>> X-Lift-Version: 2.0-SNAPSHOT >>>> Server: Jetty(6.1.22) >>>> >>>> If you can confirm that the token exists in your installation, then we >>>> have some sort of bug that I am unable to recreate at the moment and >>>> we'll need to dig into it further. >>>> >>>> Ethan >>>> >>>> >>>> On Mon, Jul 12, 2010 at 9:30 AM, Vassil Dichev <[email protected]> >>>> wrote: >>>>> >>>>> It might also mean that there's no such URL so you have no access to >>>>> such a resource. >>>>> >>>>> On Mon, Jul 12, 2010 at 10:09 AM, <[email protected]> wrote: >>>>>> >>>>>> Why am I getting 403, the token is exactly as got from one of the >>>>>> users >>>>>> in the UI without an integration-admin role. >>>>>> >>>>>> Sent from BlackBerryŽ on Airtel >>>>>> >>>>>> -----Original Message----- >>>>>> From: Richard Hirsch <[email protected]> >>>>>> Date: Mon, 12 Jul 2010 09:05:21 >>>>>> To: <[email protected]> >>>>>> Reply-To: [email protected] >>>>>> Subject: Re: integration-admin role required for api2 calls ? >>>>>> >>>>>> you don't need the role to login in via the session method . You just >>>>>> need the role when creating users or tokens via the api2. >>>>>> >>>>>> D. >>>>>> >>>>>> On Mon, Jul 12, 2010 at 9:01 AM, Imtiaz Ahmed H E >>>>>> <[email protected]> >>>>>> wrote: >>>>>>> >>>>>>> and how do you get this role ? Not having that role is probably why >>>>>>> I'm >>>>>>> getting '403 Forbidden' in the following... >>>>>>> >>>>>>> >>>>>>> imt...@imtiaz-20100131 /cygdrive/d/temp >>>>>>> $ curl --dump-header headers -d >>>>>>> "token=RCJ44VUZEOEES3NR1EZEIK32PF1BNOBQ" >>>>>>> http:/ >>>>>>> /localhost:8080/api2/session >>>>>>> >>>>>>> imt...@imtiaz-20100131 /cygdrive/d/temp >>>>>>> $ cat headers >>>>>>> HTTP/1.1 403 Forbidden >>>>>>> Expires: Sun, 11 Jul 2010 08:29:09 UTC >>>>>>> Set-Cookie: JSESSIONID=d8a63eqezeownsy8qnayuhwy;Path=/ >>>>>>> Content-Length: 0 >>>>>>> Date: Sun, 11 Jul 2010 08:29:09 UTC >>>>>>> Pragma: no-cache >>>>>>> Content-Type: text/plain; charset=utf-8 >>>>>>> Cache-Control: no-cache; private; no-store >>>>>>> X-Lift-Version: 2.0-SNAPSHOT >>>>>>> Server: Jetty(6.1.24) >>>>>>> >>>>>>> >>>>>>> imt...@imtiaz-20100131 /cygdrive/d/temp >>>>>>> $ >>>>>>> >>>>>>> Imtiaz >>>>>> >>>>> >>>> >>> >>> >> >> > >
