On 23/10/2013 19:36, Nathan Kopp wrote:
I'm trying to use CXF REST services to allow the user to change their
own password. I'm using the Jersey REST client. Using GET with
"/users/self" works. However, I'm getting a either a 404 or 500 error
from Syncope when I try to POST to "/users/100" or "/users/self". (In
this case, the user's ID is "100".)
What am I doing wrong?
Hi Nathan,
as recently discussed [1], there is currently no option for letting a
plain user to updated his own data without admin approval (this is going
to change with SYNCOPE-145 [2]).
The operation flow looks then as following:
1. plain user updates his own data (possibly including password)
2. admin user sees the incoming user request and possibly executes it,
then deletes it
3. plain user gets his data effectively changed
(1) is performed via UserRequest's POST /requests/user [1]
(2) is performed via UserRequest's POST update/execute/{requestId} (if
the requestId is known from (1), otherwise you will need to find it via
other methods of UserRequest service) and finally via DELETE
/requests/user/{requestId}
Things are different when performing user update as administrator, e.g.
when admin user updates plain user's data: POST /users/{userId} with a
JSON or XML UserMod [4] payload.
Naturally, things are much easier when working via admin console or
using the Syncope client library.
Regards.
[1] http://markmail.org/message/v4dorbvybhugz3wo
[2] https://issues.apache.org/jira/browse/SYNCOPE-145
[3]
https://cwiki.apache.org/confluence/display/SYNCOPE/REST+API+upgrade#RESTAPIupgrade-UserRequestService
[4]
https://svn.apache.org/repos/asf/syncope/branches/1_1_X/common/src/main/java/org/apache/syncope/common/mod/UserMod.java
URI baseUri= UriBuilder.fromUri("https://my-server/syncope/cxf";).build()
ClientConfig config = new DefaultClientConfig();
Client client = Client.create(config);
client.addFilter(new HTTPBasicAuthFilter(username, oldPassword));
WebResource service = client.resource(baseUri);
// this part works
ClientResponse response =
service.path("users").path("self").accept(MediaType.APPLICATION_JSON).get(ClientResponse.class);
String s = "{\"password\":\""+newPassword+"\"}";
// this gives a 404 error
ClientResponse response2 = service.path("users").path("100")
.accept(MediaType.APPLICATION_JSON)
.type(MediaType.APPLICATION_JSON)
.post(ClientResponse.class,s);
// this gives a 500 error
ClientResponse response3 = service.path("users").path("self")
.accept(MediaType.APPLICATION_JSON)
.type(MediaType.APPLICATION_JSON)
.post(ClientResponse.class,s);
--
Francesco Chicchiriccò
ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/
