REST authentication [message #1834623] |
Fri, 13 November 2020 16:47 |
Seydou Zakou Messages: 44 Registered: May 2020 |
Member |
|
|
Hello Everybody,
We are making REST api for our scout application, but have problem accessing service with protected method.
When we access simple end point that does not make use of backend (server), everything work.
Query:
curl -X GET -H "Accept:application/json" -H "Content-Type:application/json" http://localhost:8082/api/example/szakou
Response
{"name":"szakou","values":[1,2,3,4,5],"empty":false}
But when we make call to backend, where there is ACCESS check, we got 404 error such as:
Query:
curl -X GET -H "Accept:application/json" -H "Content-Type:application/json" http://localhost:8082/api/user/1eb20214-094e-6019-b212-790cc1808ee7
Response:
{"error":{"message":"An internal server error has occured.","errorCode":null,"httpStatus":500,"correlationId":null,"title":null,"errorCodeAsInt":0,"empty":false},"empty":false}
With the following error in UI Log:
org.eclipse.scout.rt.platform.util.Assertions$AssertionException: Assertion error: Transaction required
at org.eclipse.scout.rt.platform.util.Assertions.fail(Assertions.java:621)
at org.eclipse.scout.rt.platform.util.Assertions.assertNotNull(Assertions.java:87)
at org.eclipse.scout.rt.server.jdbc.AbstractSqlService.getTransaction(AbstractSqlService.java:578)
at org.eclipse.scout.rt.server.jdbc.AbstractSqlService.select(AbstractSqlService.java:611)
at org.eclipse.scout.rt.server.jdbc.SQL.select(SQL.java:96)
at com.groupesepro.bp.core.server.security.UserService.isGroupMember(UserService.java:221)
at com.groupesepro.bp.core.server.security.ServerAccessControlService.execLoadPermissions(ServerAccessControlService.java:41)
at com.groupesepro.bp.core.shared.security.AccessControlService.execLoadPermissions(AccessControlService.java:1)
at org.eclipse.scout.rt.platform.cache.BasicCache.get(BasicCache.java:79)
at org.eclipse.scout.rt.platform.cache.AbstractCacheWrapper.get(AbstractCacheWrapper.java:44)
at org.eclipse.scout.rt.platform.cache.AbstractCacheWrapper.get(AbstractCacheWrapper.java:44)
at org.eclipse.scout.rt.security.AbstractAccessControlService.getPermissions(AbstractAccessControlService.java:177)
at org.eclipse.scout.rt.security.AccessSupport.check(AccessSupport.java:25)
at org.eclipse.scout.rt.security.ACCESS.check(ACCESS.java:38)
at com.groupesepro.bp.core.server.security.UserService.load(UserService.java:69)
at com.groupesepro.bp.core.client.api.UserResource.getExamlpeEntity(UserResource.java:34)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:52)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:124)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:167)
at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$TypeOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:219)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:79)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:469)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:391)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:80)
at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:253)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
at org.glassfish.jersey.internal.Errors.process(Errors.java:244)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:232)
at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:680)
at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394)
at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:366)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:319)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205)
at org.eclipse.jetty.servlet.ServletHolder$NotAsyncServlet.service(ServletHolder.java:1411)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:763)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1631)
at org.eclipse.scout.rt.server.commons.servlet.filter.gzip.GzipServletFilter.doFilter(GzipServletFilter.java:84)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1618)
at org.eclipse.scout.rt.server.commons.authentication.ServletFilterHelper.lambda$0(ServletFilterHelper.java:204)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/javax.security.auth.Subject.doAs(Subject.java:423)
at org.eclipse.scout.rt.server.commons.authentication.ServletFilterHelper.continueChainAsSubject(ServletFilterHelper.java:200)
at org.eclipse.scout.rt.server.commons.authentication.AnonymousAccessController.handle(AnonymousAccessController.java:61)
at org.eclipse.scout.rt.server.commons.authentication.DevelopmentAccessController.handle(DevelopmentAccessController.java:68)
at com.groupesepro.bp.ui.html.UiServletFilter.doFilter(UiServletFilter.java:58)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1610)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:549)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:602)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1610)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1369)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:489)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1580)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1284)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.Server.handle(Server.java:501)
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383)
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:556)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:272)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:375)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806)
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938)
at java.base/java.lang.Thread.run(Thread.java:834)
I understant that, our query did send authentication information about who is doing the request, but we don't know how to initiate the login process with REST and how to send the authentication infos with subsequent request. We have tried with the -u login:password with CURL , but as we expected it didn't work.
Does anyone has an idea how ?
[Updated on: Fri, 13 November 2020 16:48] Report message to a moderator
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.02844 seconds