1 2 Previous Next 15 Replies Latest reply: Oct 11, 2012 5:21 PM by 964017 RSS

    Not able to invoke ATG  Rest services

    936196
      Hi,

      I'm new ATG Rest service, To just create a dummy rest service I followed the below steps.

      1. added REST module in MANIFEST.MF file
      ATG-Required: DAS DPS DSS DCS B2CCommerce DAS REST

      2. created restSecurityCnfiguration.xml under atg/rest/seurity and following is the content of this file

      <programlisting>
           <rest-security>
                <default-acl value="Profile$login$admin:read,write,execute" />
                <resource component="/atg/service/TestComponent" secure="false"/>
           </rest-security>
      </programlisting>



      3. Created a TestComponent in my existing application and created a method testName

      public class TestComponent {
           
           public String getTestName(){
                return "arvind";
           }
      }

      4. Deployed my application on jboss.

      Now I'm trying to invoke this from a java class

      protected void execute() throws RestClientException {
                
                String mUsername = "admin";
                String mPassword = "admin";
                String mHost = "localhost";
                int mPort = 8080;
                RestSession mSession = null;
                
                RestResult result = null;
                mSession = RestSession.createSession(mHost, mPort, mUsername, mPassword);
                mSession.setUseHttpsForLogin(false);
                mSession.setUseInternalProfileForLogin(false);

                try {
                     mSession.login();
                     println("Login Successful");

                     result = RestComponentHelper.executeMethod("/atg/service/TestComponent", "testName", new Object[] {}, null, mSession);

                }

                catch (Throwable t) {
                     println(t);
                } finally {
                     try {
                          mSession.logout();
                          println("Logout Successful");
                     } catch (RestClientException e) {
                          println(e);
                     }
                }
           }

      ----------------------------------------------------------------------out put ---------------------------------------------

      Login Successful
      atg.rest.client.RestClientException: java.io.IOException: Unauthorized Server returned HTTP response code: 401 for URL: http://localhost:8080/rest/bean/atg/service/TestComponent/testName
           at atg.rest.client.RestSession.createHttpRequest(RestSession.java:755)
           at atg.rest.client.RestComponentHelper.executeMethod(RestComponentHelper.java:252)
           at com.techm.restclient.RestClientSample.execute(RestClientSample.java:63)
           at com.techm.restclient.RestClientSample.main(RestClientSample.java:87)
      Caused by: java.io.IOException: Unauthorized Server returned HTTP response code: 401 for URL: http://localhost:8080/rest/bean/atg/service/TestComponent/testName
           at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1436)
           at atg.rest.client.RestSession.createHttpRequest(RestSession.java:745)
           ... 3 more
      Logout Successful
      --------------------------------------------------------------------------------------------------------------------------------------------------

      Even if I provide any username and password, which don't even exist, it says login succussful but while invocation it fails. Please help me here,
      What is default user I can use? or way to create new user ?
      Thanks in Advance,

      Arvind

      Edited by: Arvind Pal on Oct 4, 2012 10:21 AM

      Edited by: Arvind Pal on Oct 4, 2012 10:22 AM
        • 1. Re: Not able to invoke ATG  Rest services
          Nitin Khare
          401 status code signifies unauthorized access and user session do not have proper security credentials to execute the method or access the requested resource. Can you try creating a new user profile say "Arvind" and use it in the REST security configuration ACL as:

          <default-acl value="Profile$login$Arvind:read,write,execute" />

          Any new user that you create will be created in ProfileAdapterRepository which would actually be an external profile. You can also use any existing user credentials from ProfileAdapterRepository. Since setUseInternalProfileForLogin() has been called with false on the RestSession so it will be doing the user authentication from ProfileAdapterRepository. It should definitely work this way.

          I am not sure about using admin/admin which is actually one of the default ATG system admin accounts maintained in /atg/dynamo/security/AdminSqlRepository, you may try calling setUseInternalProfileForLogin() with true and see if it works for the default admin user but I have some doubts over it.
          • 2. Re: Not able to invoke ATG  Rest services
            karthik chopperla
            I think you are printing the "Login Succesful" irrespective of the login happend or not. Check if mSession.login() returns the profileId or not. If its empty/null, may be login did not happen.

            Should not the method name be getTestName ?? Try this if login returns a profile Id.

            RestComponentHelper.executeMethod("/atg/service/TestComponent", "getTestName", new Object[] {}, null, mSession);

            -karthik
            • 3. Re: Not able to invoke ATG  Rest services
              Nitin Khare
              You may tweak your code something like this which I think should work with the profile (external):
              RestSession session = RestSession.createSession(host, port, userName, password);
              try {  
                ..
                ..
                String loginStatus = session.login();
                if(loginStatus == null || "null".equals(loginStatus)) {
                  session = null;
                  System.out.println("Login Failed");
                }
                else {
                  System.out.println("Login Successful");
                  
                  //perform some activity say accessing property value from a component
                  RestResult result = RestComponentHelper.getPropertyValue("/atg/service/TestComponent", "testName", null, session);
                  String responseData = result.readInputStream();
                  if (responseData != null) {
                    JSONObject json = new JSONObject(responseData);
                    System.out.println(json.toString());
                  }
                }
              }
              catch (Throwable t) {
                t.printStackTrace(System.out);
              }
              finally {
                try {
                  if(session != null) {
                    session.logout();
                    System.out.println("Logout Successful");
                  }
                }
                catch (RestClientException e) {
                  e.printStackTrace(System.out);
                }
              }
              • 4. Re: Not able to invoke ATG  Rest services
                936196
                How to create a new user ?
                • 5. Re: Not able to invoke ATG  Rest services
                  936196
                  How to create new user ?
                  • 6. Re: Not able to invoke ATG  Rest services
                    karthik chopperla
                    Just go to ACC and create a new user. Or register yourself on environment you are running in.

                    -karthik
                    • 7. Re: Not able to invoke ATG  Rest services
                      936196
                      I created a user through ACC, and made the following changes.

                      <programlisting>
                           <rest-security>
                                <default-acl value="Profile$login$arvind:read,write,execute" />
                                <resource component="/atg/service/TestComponent" secure="false"/>
                           </rest-security>
                      </programlisting>




                      and now I'm getting the loginStatus i.e userid of user "arvind".
                      But while executing the invocation of web service call I'm getting the same exception.

                      Do we need to give some permission somewhere for this user ? or I'm doing something wrong with restSecurityConfiguration.xml



                      Login status[390002]
                      Login Successful
                      atg.rest.client.RestClientException: java.io.IOException: Unauthorized Server returned HTTP response code: 401 for URL: http://localhost:8080/rest/bean/atg/service/TestComponent/getTestName
                           at atg.rest.client.RestSession.createHttpRequest(RestSession.java:755)
                           at atg.rest.client.RestSession.createHttpRequest(RestSession.java:722)
                           at atg.rest.client.RestComponentHelper.getPropertyValue(RestComponentHelper.java:182)
                           at com.techm.restclient.RestClientSample.execute(RestClientSample.java:98)
                           at com.techm.restclient.RestClientSample.main(RestClientSample.java:128)
                      Caused by: java.io.IOException: Unauthorized Server returned HTTP response code: 401 for URL: http://localhost:8080/rest/bean/atg/service/TestComponent/getTestName
                           at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1436)
                           at atg.rest.client.RestSession.createHttpRequest(RestSession.java:745)
                           ... 4 more
                      Logout Successful

                      Edited by: Arvind Pal on Oct 4, 2012 12:36 PM
                      • 8. Re: Not able to invoke ATG  Rest services
                        karthik chopperla
                        Check if this is true in /atg/rest/processor/RestSecurityProcessor
                        allowAccessForUnsecuredRepository=true

                        -karthik
                        • 9. Re: Not able to invoke ATG  Rest services
                          936196
                          I made it true through dyn admin, But it didn't make any differance.
                          • 10. Re: Not able to invoke ATG  Rest services
                            karthik chopperla
                            You are not calling any repository, so it should nt make difference. Try removing profile level access. Just disable security completely and see if it works

                            <rest-security>
                            <default-acl value="Profile$role$Arvind:read,write,execute"/>
                            <resource component="/path_to_component/TestComponent" security="false>
                            </resource>
                            </rest-security>

                            -karthik
                            • 11. Re: Not able to invoke ATG  Rest services
                              936196
                              figured out the issue.

                              When I defined
                              <default-acl value="Profile$login$arvind:read,write,execute" />


                              1. Created a user "arvind" through ACC
                              2. Create a role "login"
                              3. Added arvind as member to "login".


                              Now this works to me. :)

                              --------------------------output------------------------
                              Login status[390002]
                              Login Successful
                              {"testName":"arvind chandok"}
                              Logout Successful

                              Edited by: Arvind Pal on Oct 4, 2012 2:03 PM
                              • 12. Re: Not able to invoke ATG  Rest services
                                964017
                                The line:

                                <resource component="/atg/service/TestComponent" secure="false"/>

                                turns off all security for the component (so you can call "getComponent") so you don't need to log-in at all. The problem is that you aren't accessing the component but rather the "testName" method of that component. If you update the security to be:

                                <resource component="/atg/service/TestComponent" secure="false">
                                <method name="testName" secure="false"/>
                                </resource>

                                then you will be able to hit the method without logging in.

                                If you want to use '<default-acl value="Profile$login$arvind:read,write,execute" />' instead to open up everything to arvind, then you don't need the '<resource component="/atg/service/TestComponent" secure="false"/>' line at all because the default already opens it up.
                                • 13. Re: Not able to invoke ATG  Rest services
                                  936196
                                  So What would be the client code in that case ?

                                  If I'm using
                                  result = RestComponentHelper.getPropertyValue("/atg/service/TestComponent", "testName", null, mSession);

                                  Here session object is necessary to passed.
                                  how would I create session object ?
                                  • 14. Re: Not able to invoke ATG  Rest services
                                    936196
                                    With ajax jsonp request I'm able to call it,

                                    Thanks
                                    1 2 Previous Next