Forums

Home » Liferay Portal » English » 3. Development

Combination View Flat View Tree View
Threads [ Previous | Next ]
Glenn Ivan Butler
REST/JSON authentication
June 7, 2008 10:36 PM
Answer

Glenn Ivan Butler

Rank: New Member

Posts: 9

Join Date: April 17, 2008

Recent Posts

Has anyone use the REST/JSON calls to access Liferay services, in particular, User services. I can make the call properly but I get the json exception:

"{"exception":"com.liferay.portal.security.auth.PrincipalException"}"

My call is :
http://localhost:8080/c/portal/json_service?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId

Thanks for any help.
Ray Augé
Re: [Liferay Forums][3. Development] REST/JSON authentication
July 9, 2008 1:24 PM
Answer

Ray Augé

LIFERAY STAFF

Rank: Liferay Legend

Posts: 1171

Join Date: February 7, 2005

Recent Posts

On Sun, 2008-06-08 at 05:36 +0000, Glenn Ivan Butler at Liferay's
Community Forums wrote:

> Has anyone use the REST/JSON calls to access Liferay services, in
> particular, User services. I can make the call properly but I get the
> json exception:
>
> "{"exception":"com.liferay.portal.security.auth.PrincipalException"}"
>
> My call is :
> http://localhost:8080/c/portal/json_service?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId


Try accessing through the tunnel-web application and using basic HTTP
login credentials:

http://joebloggs:test@localhost:8080/tunnel-web/secure/json/?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId

Most of the remote service calls require some form or authorization,
very few can be used without it, and while this is available from the
thread local while logged into the portal... you need to pass
credentials to web services in order to have it with web service. This
is what tunnel-web handles.


----------------------------------
Raymond Augé
Software Engineer
Liferay, Inc.
Enterprise. Open Source. For Life.
----------------------------------

Liferay Meetup 2008 – Los Angeles

August 1, 2008

Meet and brainstorm with the creators of Liferay Portal, our partners
and other members of our community!

The day will consist of a series of technical sessions presented by our
integration and services partners. There is time set aside for Q&A and
corporate brainstorming to give the community a chance to give feedback
and make suggestions!

View Event Details

Register Now
zaheer mohammed saddapalli
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
August 27, 2009 1:46 AM
Answer

zaheer mohammed saddapalli

Rank: Regular Member

Posts: 164

Join Date: January 15, 2008

Recent Posts

Hi Ray,

Currently i am working on Liferay 5.2.3 version.

In 5.2.1 i have made some customization to GroupServiceJSON.java which will expose RestEASYService.

I didn't find those files in 5.2.3.


But *ServiceJSON.java files are getting generated for my custom portlets.


How can i generate this files in Portal Source 5.2.3.


S Mohammed Zaheer
Senior Software Engineer
InfoAxon Technologies
http://www.infoaxon.com
Dave Morris
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
September 15, 2009 8:35 PM
Answer

Dave Morris

Rank: Junior Member

Posts: 27

Join Date: May 7, 2009

Recent Posts

Ray,

I cannot for the life of me find ANY good documentation about how to call Liferay services using the REST API. I am using 5.2.3, and I see that the *ServiceJSON.java files are being deleted in the service builder. Is there a good reason for this? How am I supposed to use the REST API when every tutorial on the internet says to use the non-existent *ServiceJSON.java files?

I would really appreciate at least a brief response about this issue. I'm trying to do a demo of this feature to a client, and without it, Liferay loses a little bit of the wow factor.

Thanks for the help,

Dave
Helmut Denk
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
September 15, 2009 10:10 PM
Answer

Helmut Denk

Rank: Junior Member

Posts: 52

Join Date: May 12, 2006

Recent Posts

hi dave,

i've posted a similar question about REST/JSON access a few weeks ago.
got no reply so far.

i still would like to know, if this works with 5.2.3 and
if so ... what am i doing wrong ?

have a nice time
Dave Morris
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
September 16, 2009 10:25 PM
Answer

Dave Morris

Rank: Junior Member

Posts: 27

Join Date: May 7, 2009

Recent Posts

I finally had some time to figure this one out. I posted it on the original REST API blog post by Ray, but here it is again so hopefully google will index it and people won't suffer through this in the future:

Original REST JSON API Blog Post

Here is an updated example that will work with Liferay 5.2.3

This example uses the Zend API just because it was what I had available at the time, but the concept applies to any Http client API in PHP or any other language for that matter. The main thing to notice here is that the serviceClassName is different, because ServiceBuilder no longer generates the *ServiceJSON.java files.

Also, make sure you add this line to your portal-ext.properties file to allow the json servlet to be accessible from some IP address or hostname:

json.servlet.hosts.allowed=localhost,127.0.0.1

 1
 2<?php
 3require_once ('Zend/Http/Client.php');
 4require_once ('Zend/Json.php');
 5
 6$liferay = new Zend_Http_Client();
 7
 8$liferay->setUri('http://localhost:8080/tunnel-web/secure/json');
 9
10// set parameters to return a list of countries from the Liferay db
11$liferay->setParameterGet(array(
12    'serviceClassName' => 'com.liferay.portal.service.CountryServiceUtil',
13    'serviceMethodName' => 'getCountries'
14));
15
16// set authentication
17$liferay->setAuth('userid', 'password');
18
19// send the request
20$result = $liferay->request("GET");
21
22// get back a json response
23$json = Zend_Json::decode($result->getBody());
24
25// print the json object
26echo $result->getBody();
27
28?>


And if you're having trouble getting it to work, check out SecureFilter.java, JSONServiceAction.java, and JSONServlet.java to figure out what's going on.



Let me know if that works for you. I can do a sample script that puts data back into Liferay if you need help with that, as well.
Helmut Denk
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
September 17, 2009 7:36 AM
Answer

Helmut Denk

Rank: Junior Member

Posts: 52

Join Date: May 12, 2006

Recent Posts

hi dave,

you got it. that's fantastic.

urls that work with 5.2.3 bundle:

(i have set company.security.auth.type=screenName)

http://bruno:bruno@localhost:8080/tunnel-web/secure/json?serviceClassName=com.liferay.portal.service.CountryServiceUtil&serviceMethodName=getCountries

http://localhost:8080/tunnel-web/secure/json?serviceClassName=com.liferay.portal.service.CountryServiceUtil&serviceMethodName=getCountries

http://bruno:bruno@localhost:8080/tunnel-web/json?serviceClassName=com.liferay.portal.service.UserServiceUtil&serviceMethodName=getUserById&userId=10416&serviceParameters=userId

http://localhost:8080/tunnel-web/json?serviceClassName=com.liferay.portal.service.UserServiceUtil&serviceMethodName=getUserById&userId=10416&serviceParameters=userId

thanks & have a successful time
zaheer mohammed saddapalli
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
September 17, 2009 11:21 PM
Answer

zaheer mohammed saddapalli

Rank: Regular Member

Posts: 164

Join Date: January 15, 2008

Recent Posts

Excellent,


This works for me.

Still i have doubt why *ServiceJSON.java not generating using Liferay Service Builder?


With regards,
S Mohammed Zaheer
François LE QUEMENER
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
October 20, 2009 1:51 AM
Answer

François LE QUEMENER

Rank: Junior Member

Posts: 48

Join Date: September 18, 2009

Recent Posts

Hi,
I have quite the same problem, but using the Liferay.Service.Portal.User.getUserIdByEmailAddress method.
Here is my call:


 1Liferay.Service.Portal.User.getUserIdByEmailAddress(
 2        {
 3            companyId: <%= currentContact.getCompanyId() %>,
 4            emailAddress: jQuery("#_58_emailAddress").val()
 5        },
 6        function(message) {
 7            var exception = message.exception;
 8
 9            if (!exception) {
10                // email already exists
11            }
12            else {
13                //OK
14            }
15        });


I get: com.liferay.portal.security.auth.PrincipalException

How can I get through this?
Tor Iver Wilhelmsen
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
December 29, 2009 6:39 AM
Answer

Tor Iver Wilhelmsen

Rank: Junior Member

Posts: 60

Join Date: December 3, 2008

Recent Posts

zaheer mohammed saddapalli:
Still i have doubt why *ServiceJSON.java not generating using Liferay Service Builder?


Maybe they concluded it was pointless when the json servlet could use "normal" Java *ServiceUtil calls and convert objects using json-simple or Jackson. Even if it broke backward compatibility. emoticon
Smilelws2010 lwz
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
January 28, 2013 7:38 AM
Answer

Smilelws2010 lwz

Rank: Regular Member

Posts: 153

Join Date: December 16, 2010

Recent Posts

HI Ray,

I am working with Liferay service builder 6.1 portlet with remote-service set to true.The portlet is fine

Now I want to access it through a URL. On hitting the url, http://localhost:8080/sample-portlet/api/jsonws/?serviceClassName=com.sample.service.SampleServiceUtil&serviceMethodName=findemail&serviceParameters=&email=abc@abc.com .

It is prompting for user name, password. Is there a way to avoid that? I saw the property to be added in portlat-ext - json.service.auth.token.enabled=false, but did not do much help.

Any thoughts or reference.
Thanks in advance

Smile
Smilelws2010 lwz
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
January 28, 2013 7:38 AM
Answer

Smilelws2010 lwz

Rank: Regular Member

Posts: 153

Join Date: December 16, 2010

Recent Posts

Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
MICHAIL MOUDATSOS
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
April 30, 2013 6:57 AM
Answer

MICHAIL MOUDATSOS

Rank: Regular Member

Posts: 110

Join Date: October 4, 2011

Recent Posts

Smilelws2010 lwz:
Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
We have the exact same question. Could anyone reply on this, please?

Thank you in advance!

P.S. We don't want to disable authentication, we 're just trying to find out how to automate it for a logged-in user
Jeffrey Jarin
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
September 11, 2013 2:20 PM
Answer

Jeffrey Jarin

Rank: Junior Member

Posts: 30

Join Date: July 5, 2013

Recent Posts

Is there any update on this?
Im still seeing this as well
Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
Clint Wilde
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
March 19, 2014 12:51 PM
Answer

Clint Wilde

Rank: New Member

Posts: 6

Join Date: March 5, 2013

Recent Posts

I have the same issue. I only have 2 requirements:

1. If the URL is accessed directly from the browser, I want to be challenged for the user and password.
2. When the REST URL is accessed from within a JSP on the SAME host, I don't want it to ask for a user/password. (The user is already logged in to the portal).

I have tried multiple combinations of the following settings in portal-ext.properties:

# for json web services
auth.token.check.enabled=false
json.service.auth.token.enabled=false
# jsonws.web.service.public.methods=get*,has*,is*,find*,save*,remove*,xx*,update*
jsonws.web.service.public.methods=
#json.service.public.methods=get*,has*,is*,find*,save*,remove*,xx*,update*
json.service.public.methods=
# json.service.public.methods=get*
json.service.auth.token.hosts.allowed=127.0.0.1

What am I doing wrong?
Tomas Polesovsky
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
March 26, 2014 8:25 AM
Answer

Tomas Polesovsky

LIFERAY STAFF

Rank: Liferay Master

Posts: 574

Join Date: February 13, 2009

Recent Posts

Hi Clint,

next time please create a new thread and don't resurrect dead threads. When I see the thread already has some answers I usually don't look inside.

Clint Wilde:
I have the same issue. I only have 2 requirements:

1. If the URL is accessed directly from the browser, I want to be challenged for the user and password.
2. When the REST URL is accessed from within a JSP on the SAME host, I don't want it to ask for a user/password. (The user is already logged in to the portal).


#1: depends on the portal version you use.
For version < 6.2 you need to access the portal services via /api/secure/jsonws...
For version >= 6.2 you need to explicitly configure the authentication method you prefer. Into portal-ext.properties add:
1jsonws.servlet.basic_auth=true


#2: use portal context to access the JSONWS, not plugin context. Please see section Portal cookies belong to the portal context in https://www.liferay.com/web/tomas.polesovsky/blog/-/blogs/json-ws-security/.

Clint Wilde:
# for json web services
auth.token.check.enabled=false
json.service.auth.token.enabled=false

Please don't disable auth.tokens. You open yourself to CSRF attacks (please read the blog post above).