This discussion is archived
6 Replies Latest reply: Sep 13, 2013 10:17 AM by Williams Herrera RSS

LEGACY REST ATG 10.2

Williams Herrera Newbie
Currently Being Moderated

Hi gurus,

 

im try to execute de LEGACY REST examples. The login works fine but, this command is not working, Can you help me??

 

curl -v -b cookies.txt -X GET http://localhost:8080/rest/repository/atg/userprofiling/ProfileAdapterRepository/user

 

* Adding handle: conn: 0x80e560

* Adding handle: send: 0

* Adding handle: recv: 0

* Curl_addHandleToPipeline: length: 1

* - Conn 0 (0x80e560) send_pipe: 1, recv_pipe: 0

* About to connect() to localhost port 8080 (#0)

*   Trying 127.0.0.1...

* Connected to localhost (127.0.0.1) port 8080 (#0)

> GET /rest/repository/atg/userprofiling/ProfileAdapterRepository/user HTTP/1.1

> User-Agent: curl/7.32.0

> Host: localhost:8080

> Accept: */*

> Cookie: JSESSIONID=4549E48ABC0B117FEFDB132C6A481084

>

< HTTP/1.1 401 Unauthorized

* Server Apache-Coyote/1.1 is not blacklisted

< Server: Apache-Coyote/1.1

< X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1

< X-ATG-Version: version=QVRHUGxhdGZvcm0vMTAuMixDb21tZXJjZVJlZmVyZW5jZVN0b3JlLzEwLjI=

< Content-Type: text/html;charset=utf-8

< Content-Length: 1256

< Date: Thu, 12 Sep 2013 16:05:08 GMT

<

<html><head><title>JBoss Web/2.1.3.GA - Error report</title><style><!--H1 {font-family:Ta

olor:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;backgro

mily:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {

k;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-

ns-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : b

<body><h1>HTTP Status 401 - Access to the requested unsecured repository is not allowed.

<HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>Acces

allowed. System is configured to not allow access.</u></p><p><b>description</b> <u>This

o the requested unsecured repository is not allowed. System is configured to not allow ac

<h3>JBoss Web/2.1.3.GA</h3></body></html>* Connection #0 to host localhost left intact

 

 

 

 

THANKS

Williams

  • 1. Re: LEGACY REST ATG 10.2
    Williams Herrera Newbie
    Currently Being Moderated

    The security file (restSecurityConfiguration.xml) that im using is the follow;

     

    <rest-security>

    <default-acl value="Profile$login$williams:read,write,execute"/>

     

    <resource component="/atg/dynamo/Configuration" secure="true">

      <method name="httpPort" secure="false"/>

    </resource>

     

    <resource component="/atg/userprofiling/MyAccount/personalInfo" secure="true">

      </resource>

      <resource component="/atg/targeting/TargetingServices">

       <method name="targerterResolver" secure="false"/>

       <method name="executeRepositoryTargeterItems" secure="false"/>

      </resource>

     

    <resource component="atg/userprofiling/ProfileAdapterRepository" secure="false">

       <default-acl value="Profile$login$williams:read,write,execute"/>

       <method name="user" secure="false" requiresSessionConfirmation="false"/>

    </resource>

     

    </rest-security>

     

    Thanks

    Williams

  • 2. Re: LEGACY REST ATG 10.2
    Nitin Khare Expert
    Currently Being Moderated

    Try providing the ACL for the method that you are trying to access and see if it helps.

     

    <resource component="atg/userprofiling/ProfileAdapterRepository" secure="false">

        <default-acl value="Profile$login$williams:read,write,execute"/>

        <method name="user" secure="false" requiresSessionConfirmation="false">

          <acl value="Profile$login$williams:read,write,execute" />

        </method>

    </resource>

  • 3. Re: LEGACY REST ATG 10.2
    Williams Herrera Newbie
    Currently Being Moderated

    Hi Nitin,

     

    I try the configuration you gave but it didnt work.

     

    Any other idea?

     

    This is the message:

     

    C:\Users\wherrera\Desktop>curl -v -b cookies.txt -X GET http://localhost:8080/rest/repository/atg/userprofiling/ProfileAdapterRepository/user

    * Adding handle: conn: 0x6fe560

    * Adding handle: send: 0

    * Adding handle: recv: 0

    * Curl_addHandleToPipeline: length: 1

    * - Conn 0 (0x6fe560) send_pipe: 1, recv_pipe: 0

    * About to connect() to localhost port 8080 (#0)

    *   Trying 127.0.0.1...

    * Connected to localhost (127.0.0.1) port 8080 (#0)

    > GET /rest/repository/atg/userprofiling/ProfileAdapterRepository/user HTTP/1.1

    > User-Agent: curl/7.32.0

    > Host: localhost:8080

    > Accept: */*

    > Cookie: DYN_USER_CONFIRM=87e97acb105db0ef16c8b10c2bc3c20d; DYN_USER_ID=230000; JSESSIONID=826F69D2FD79FB681893079C07BA045F

    >

    < HTTP/1.1 401 Unauthorized

    * Server Apache-Coyote/1.1 is not blacklisted

    < Server: Apache-Coyote/1.1

    < X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1

    < X-ATG-Version: version=QVRHUGxhdGZvcm0vMTAuMixDb21tZXJjZVJlZmVyZW5jZVN0b3JlLzEwLjI=

    < Content-Type: text/html;charset=utf-8

    < Content-Length: 1256

    < Date: Fri, 13 Sep 2013 14:26:30 GMT

    <

    <html><head><title>JBoss Web/2.1.3.GA - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-c

    olor:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-fa

    mily:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:blac

    k;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sa

    ns-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head>

    <body><h1>HTTP Status 401 - Access to the requested unsecured repository is not allowed. System is configured to not allow access.</h1>

    <HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>Access to the requested unsecured repository is not

    allowed. System is configured to not allow access.</u></p><p><b>description</b> <u>This request requires HTTP authentication (Access t

    o the requested unsecured repository is not allowed. System is configured to not allow access.).</u></p><HR size="1" noshade="noshade">

    <h3>JBoss Web/2.1.3.GA</h3></body></html>* Connection #0 to host localhost left intact

     

    thanks!

    Williams

  • 4. Re: LEGACY REST ATG 10.2
    Nitin Khare Expert
    Currently Being Moderated

    As you see in the error details, it is coming because your rest security configuration is not configured for allowing access to unsecured repository. Try changing allowAccessForUnsecuredRepository property to true in your componenet configuration of /atg/rest/processor/RestSecurityProcessor. For production environment it should be kept false and you would have to create a secured repository definition of your repository in order to make it secure and make it work with the ACL in the rest security configuration.

  • 5. Re: LEGACY REST ATG 10.2
    Williams Herrera Newbie
    Currently Being Moderated

    Thanks Nitin!

    We just test changing that property and it WORKS!!  I really appreciation the help!

     

    In order to follow the process, we are installing dev enviroment and i would like to setup the secured repository y ACL definitions as you said.

     

    Can i bother you with this? do i have to create another post?

     

    thanks again!

    Williams Herrera L.

  • 6. Re: LEGACY REST ATG 10.2
    Nitin Khare Expert
    Currently Being Moderated

    Glad that it worked for you. You can keep posting the updates and create a new thread in case required. Thanks.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points