6 Replies Latest reply: Sep 13, 2013 12:23 PM by Nitin Khare RSS

    LEGACY REST ATG 10.2

    Williams Herrera

      Hi gurus,

       

      im try to execute de LEGACY REST examples. The login works fine but, this command is not working, Can you help me??

       

      curl -v -b cookies.txt -X GET http://localhost:8080/rest/repository/atg/userprofiling/ProfileAdapterRepository/user

       

      * Adding handle: conn: 0x80e560

      * Adding handle: send: 0

      * Adding handle: recv: 0

      * Curl_addHandleToPipeline: length: 1

      * - Conn 0 (0x80e560) send_pipe: 1, recv_pipe: 0

      * About to connect() to localhost port 8080 (#0)

      *   Trying 127.0.0.1...

      * Connected to localhost (127.0.0.1) port 8080 (#0)

      > GET /rest/repository/atg/userprofiling/ProfileAdapterRepository/user HTTP/1.1

      > User-Agent: curl/7.32.0

      > Host: localhost:8080

      > Accept: */*

      > Cookie: JSESSIONID=4549E48ABC0B117FEFDB132C6A481084

      >

      < HTTP/1.1 401 Unauthorized

      * Server Apache-Coyote/1.1 is not blacklisted

      < Server: Apache-Coyote/1.1

      < X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1

      < X-ATG-Version: version=QVRHUGxhdGZvcm0vMTAuMixDb21tZXJjZVJlZmVyZW5jZVN0b3JlLzEwLjI=

      < Content-Type: text/html;charset=utf-8

      < Content-Length: 1256

      < Date: Thu, 12 Sep 2013 16:05:08 GMT

      <

      <html><head><title>JBoss Web/2.1.3.GA - Error report</title><style><!--H1 {font-family:Ta

      olor:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;backgro

      mily:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {

      k;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-

      ns-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : b

      <body><h1>HTTP Status 401 - Access to the requested unsecured repository is not allowed.

      <HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>Acces

      allowed. System is configured to not allow access.</u></p><p><b>description</b> <u>This

      o the requested unsecured repository is not allowed. System is configured to not allow ac

      <h3>JBoss Web/2.1.3.GA</h3></body></html>* Connection #0 to host localhost left intact

       

       

       

       

      THANKS

      Williams

        • 1. Re: LEGACY REST ATG 10.2
          Williams Herrera

          The security file (restSecurityConfiguration.xml) that im using is the follow;

           

          <rest-security>

          <default-acl value="Profile$login$williams:read,write,execute"/>

           

          <resource component="/atg/dynamo/Configuration" secure="true">

            <method name="httpPort" secure="false"/>

          </resource>

           

          <resource component="/atg/userprofiling/MyAccount/personalInfo" secure="true">

            </resource>

            <resource component="/atg/targeting/TargetingServices">

             <method name="targerterResolver" secure="false"/>

             <method name="executeRepositoryTargeterItems" secure="false"/>

            </resource>

           

          <resource component="atg/userprofiling/ProfileAdapterRepository" secure="false">

             <default-acl value="Profile$login$williams:read,write,execute"/>

             <method name="user" secure="false" requiresSessionConfirmation="false"/>

          </resource>

           

          </rest-security>

           

          Thanks

          Williams

          • 2. Re: LEGACY REST ATG 10.2
            Nitin Khare

            Try providing the ACL for the method that you are trying to access and see if it helps.

             

            <resource component="atg/userprofiling/ProfileAdapterRepository" secure="false">

                <default-acl value="Profile$login$williams:read,write,execute"/>

                <method name="user" secure="false" requiresSessionConfirmation="false">

                  <acl value="Profile$login$williams:read,write,execute" />

                </method>

            </resource>

            • 3. Re: LEGACY REST ATG 10.2
              Williams Herrera

              Hi Nitin,

               

              I try the configuration you gave but it didnt work.

               

              Any other idea?

               

              This is the message:

               

              C:\Users\wherrera\Desktop>curl -v -b cookies.txt -X GET http://localhost:8080/rest/repository/atg/userprofiling/ProfileAdapterRepository/user

              * Adding handle: conn: 0x6fe560

              * Adding handle: send: 0

              * Adding handle: recv: 0

              * Curl_addHandleToPipeline: length: 1

              * - Conn 0 (0x6fe560) send_pipe: 1, recv_pipe: 0

              * About to connect() to localhost port 8080 (#0)

              *   Trying 127.0.0.1...

              * Connected to localhost (127.0.0.1) port 8080 (#0)

              > GET /rest/repository/atg/userprofiling/ProfileAdapterRepository/user HTTP/1.1

              > User-Agent: curl/7.32.0

              > Host: localhost:8080

              > Accept: */*

              > Cookie: DYN_USER_CONFIRM=87e97acb105db0ef16c8b10c2bc3c20d; DYN_USER_ID=230000; JSESSIONID=826F69D2FD79FB681893079C07BA045F

              >

              < HTTP/1.1 401 Unauthorized

              * Server Apache-Coyote/1.1 is not blacklisted

              < Server: Apache-Coyote/1.1

              < X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1

              < X-ATG-Version: version=QVRHUGxhdGZvcm0vMTAuMixDb21tZXJjZVJlZmVyZW5jZVN0b3JlLzEwLjI=

              < Content-Type: text/html;charset=utf-8

              < Content-Length: 1256

              < Date: Fri, 13 Sep 2013 14:26:30 GMT

              <

              <html><head><title>JBoss Web/2.1.3.GA - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-c

              olor:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-fa

              mily:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:blac

              k;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sa

              ns-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head>

              <body><h1>HTTP Status 401 - Access to the requested unsecured repository is not allowed. System is configured to not allow access.</h1>

              <HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>Access to the requested unsecured repository is not

              allowed. System is configured to not allow access.</u></p><p><b>description</b> <u>This request requires HTTP authentication (Access t

              o the requested unsecured repository is not allowed. System is configured to not allow access.).</u></p><HR size="1" noshade="noshade">

              <h3>JBoss Web/2.1.3.GA</h3></body></html>* Connection #0 to host localhost left intact

               

              thanks!

              Williams

              • 4. Re: LEGACY REST ATG 10.2
                Nitin Khare

                As you see in the error details, it is coming because your rest security configuration is not configured for allowing access to unsecured repository. Try changing allowAccessForUnsecuredRepository property to true in your componenet configuration of /atg/rest/processor/RestSecurityProcessor. For production environment it should be kept false and you would have to create a secured repository definition of your repository in order to make it secure and make it work with the ACL in the rest security configuration.

                • 5. Re: LEGACY REST ATG 10.2
                  Williams Herrera

                  Thanks Nitin!

                  We just test changing that property and it WORKS!!  I really appreciation the help!

                   

                  In order to follow the process, we are installing dev enviroment and i would like to setup the secured repository y ACL definitions as you said.

                   

                  Can i bother you with this? do i have to create another post?

                   

                  thanks again!

                  Williams Herrera L.

                  • 6. Re: LEGACY REST ATG 10.2
                    Nitin Khare

                    Glad that it worked for you. You can keep posting the updates and create a new thread in case required. Thanks.