Fórum

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Glenn Ivan Butler, modificado 15 Anos atrás.

REST/JSON authentication

New Member Postagens: 8 Data de Entrada: 17/04/08 Postagens Recentes
Has anyone use the REST/JSON calls to access Liferay services, in particular, User services. I can make the call properly but I get the json exception:

"{"exception":"com.liferay.portal.security.auth.PrincipalException"}"

My call is :
http://localhost:8080/c/portal/json_service?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId

Thanks for any help.
thumbnail
Ray Augé, modificado 15 Anos atrás.

Re: [Liferay Forums][3. Development] REST/JSON authentication

Liferay Legend Postagens: 1197 Data de Entrada: 08/02/05 Postagens Recentes
On Sun, 2008-06-08 at 05:36 +0000, Glenn Ivan Butler at Liferay's
Community Forums wrote:

> Has anyone use the REST/JSON calls to access Liferay services, in
> particular, User services. I can make the call properly but I get the
> json exception:
>
> "{"exception":"com.liferay.portal.security.auth.PrincipalException"}"
>
> My call is :
> http://localhost:8080/c/portal/json_service?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId


Try accessing through the tunnel-web application and using basic HTTP
login credentials:

[tt]http://joebloggs:test@localhost:8080/tunnel-web/secure/json/?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId[/tt]

Most of the remote service calls require some form or authorization,
very few can be used without it, and while this is available from the
thread local while logged into the portal... you need to pass
credentials to web services in order to have it with web service. This
is what tunnel-web handles.


----------------------------------
Raymond Augé
Software Engineer
Liferay, Inc.
Enterprise. Open Source. For Life.
----------------------------------

Liferay Meetup 2008 – Los Angeles

August 1, 2008

Meet and brainstorm with the creators of Liferay Portal, our partners
and other members of our community!

The day will consist of a series of technical sessions presented by our
integration and services partners. There is time set aside for Q&A and
corporate brainstorming to give the community a chance to give feedback
and make suggestions!

View Event Details

Register Now
thumbnail
zaheer mohammed saddapalli, modificado 14 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Regular Member Postagens: 165 Data de Entrada: 15/01/08 Postagens Recentes
Hi Ray,

Currently i am working on Liferay 5.2.3 version.

In 5.2.1 i have made some customization to GroupServiceJSON.java which will expose RestEASYService.

I didn't find those files in 5.2.3.


But *ServiceJSON.java files are getting generated for my custom portlets.


How can i generate this files in Portal Source 5.2.3.


S Mohammed Zaheer
Senior Software Engineer
InfoAxon Technologies
http://www.infoaxon.com
thumbnail
Dave Morris, modificado 14 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Junior Member Postagens: 27 Data de Entrada: 07/05/09 Postagens Recentes
Ray,

I cannot for the life of me find ANY good documentation about how to call Liferay services using the REST API. I am using 5.2.3, and I see that the *ServiceJSON.java files are being deleted in the service builder. Is there a good reason for this? How am I supposed to use the REST API when every tutorial on the internet says to use the non-existent *ServiceJSON.java files?

I would really appreciate at least a brief response about this issue. I'm trying to do a demo of this feature to a client, and without it, Liferay loses a little bit of the wow factor.

Thanks for the help,

Dave
thumbnail
Helmut Denk, modificado 14 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Junior Member Postagens: 52 Data de Entrada: 13/05/06 Postagens Recentes
hi dave,

i've posted a similar question about REST/JSON access a few weeks ago.
got no reply so far.

i still would like to know, if this works with 5.2.3 and
if so ... what am i doing wrong ?

have a nice time
thumbnail
Dave Morris, modificado 14 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Junior Member Postagens: 27 Data de Entrada: 07/05/09 Postagens Recentes
I finally had some time to figure this one out. I posted it on the original REST API blog post by Ray, but here it is again so hopefully google will index it and people won't suffer through this in the future:

Original REST JSON API Blog Post

Here is an updated example that will work with Liferay 5.2.3

This example uses the Zend API just because it was what I had available at the time, but the concept applies to any Http client API in PHP or any other language for that matter. The main thing to notice here is that the serviceClassName is different, because ServiceBuilder no longer generates the *ServiceJSON.java files.

Also, make sure you add this line to your portal-ext.properties file to allow the json servlet to be accessible from some IP address or hostname:

json.servlet.hosts.allowed=localhost,127.0.0.1


<!--?php
require_once ('Zend/Http/Client.php');
require_once ('Zend/Json.php');

$liferay = new Zend_Http_Client();

$liferay--->setUri('http://localhost:8080/tunnel-web/secure/json');

// set parameters to return a list of countries from the Liferay db
$liferay-&gt;setParameterGet(array(
    'serviceClassName' =&gt; 'com.liferay.portal.service.CountryServiceUtil',
    'serviceMethodName' =&gt; 'getCountries'
));

// set authentication
$liferay-&gt;setAuth('userid', 'password');

// send the request
$result = $liferay-&gt;request("GET");

// get back a json response
$json = Zend_Json::decode($result-&gt;getBody());

// print the json object
echo $result-&gt;getBody();

?&gt;


And if you're having trouble getting it to work, check out SecureFilter.java, JSONServiceAction.java, and JSONServlet.java to figure out what's going on.



Let me know if that works for you. I can do a sample script that puts data back into Liferay if you need help with that, as well.
thumbnail
Helmut Denk, modificado 14 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Junior Member Postagens: 52 Data de Entrada: 13/05/06 Postagens Recentes
hi dave,

you got it. that's fantastic.

urls that work with 5.2.3 bundle:

(i have set company.security.auth.type=screenName)

http://bruno:bruno@localhost:8080/tunnel-web/secure/json?serviceClassName=com.liferay.portal.service.CountryServiceUtil&serviceMethodName=getCountries

http://localhost:8080/tunnel-web/secure/json?serviceClassName=com.liferay.portal.service.CountryServiceUtil&serviceMethodName=getCountries

http://bruno:bruno@localhost:8080/tunnel-web/json?serviceClassName=com.liferay.portal.service.UserServiceUtil&serviceMethodName=getUserById&userId=10416&serviceParameters=userId

http://localhost:8080/tunnel-web/json?serviceClassName=com.liferay.portal.service.UserServiceUtil&serviceMethodName=getUserById&userId=10416&serviceParameters=userId

thanks & have a successful time
thumbnail
zaheer mohammed saddapalli, modificado 14 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Regular Member Postagens: 165 Data de Entrada: 15/01/08 Postagens Recentes
Excellent,


This works for me.

Still i have doubt why *ServiceJSON.java not generating using Liferay Service Builder?


With regards,
S Mohammed Zaheer
François LE QUEMENER, modificado 14 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Junior Member Postagens: 48 Data de Entrada: 18/09/09 Postagens Recentes
Hi,
I have quite the same problem, but using the Liferay.Service.Portal.User.getUserIdByEmailAddress method.
Here is my call:


Liferay.Service.Portal.User.getUserIdByEmailAddress(
        {
        	companyId: &lt;%= currentContact.getCompanyId() %&gt;,
        	emailAddress: jQuery("#_58_emailAddress").val()
        },
        function(message) {
            var exception = message.exception;

            if (!exception) {
                // email already exists
            }
            else {
                //OK
            }
        });


I get: com.liferay.portal.security.auth.PrincipalException

How can I get through this?
Tor Iver Wilhelmsen, modificado 14 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Junior Member Postagens: 60 Data de Entrada: 03/12/08 Postagens Recentes
zaheer mohammed saddapalli:
Still i have doubt why *ServiceJSON.java not generating using Liferay Service Builder?


Maybe they concluded it was pointless when the json servlet could use "normal" Java *ServiceUtil calls and convert objects using json-simple or Jackson. Even if it broke backward compatibility. emoticon
Smilelws2010 lwz, modificado 11 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Regular Member Postagens: 160 Data de Entrada: 16/12/10 Postagens Recentes
HI Ray,

I am working with Liferay service builder 6.1 portlet with remote-service set to true.The portlet is fine

Now I want to access it through a URL. On hitting the url, http://localhost:8080/sample-portlet/api/jsonws/?serviceClassName=com.sample.service.SampleServiceUtil&serviceMethodName=findemail&serviceParameters=&email=abc@abc.com .

It is prompting for user name, password. Is there a way to avoid that? I saw the property to be added in portlat-ext - json.service.auth.token.enabled=false, but did not do much help.

Any thoughts or reference.
Thanks in advance

Smile
Smilelws2010 lwz, modificado 11 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Regular Member Postagens: 160 Data de Entrada: 16/12/10 Postagens Recentes
Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
MICHAIL MOUDATSOS, modificado 10 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Regular Member Postagens: 110 Data de Entrada: 04/10/11 Postagens Recentes
Smilelws2010 lwz:
Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
We have the exact same question. Could anyone reply on this, please?

Thank you in advance!

P.S. We don't want to disable authentication, we 're just trying to find out how to automate it for a logged-in user
Jeffrey Jarin, modificado 10 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Junior Member Postagens: 30 Data de Entrada: 05/07/13 Postagens Recentes
Is there any update on this?
Im still seeing this as well
Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
thumbnail
Clint Wilde, modificado 10 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Junior Member Postagens: 39 Data de Entrada: 05/03/13 Postagens Recentes
I have the same issue. I only have 2 requirements:

1. If the URL is accessed directly from the browser, I want to be challenged for the user and password.
2. When the REST URL is accessed from within a JSP on the SAME host, I don't want it to ask for a user/password. (The user is already logged in to the portal).

I have tried multiple combinations of the following settings in portal-ext.properties:

# for json web services
auth.token.check.enabled=false
json.service.auth.token.enabled=false
# jsonws.web.service.public.methods=get*,has*,is*,find*,save*,remove*,xx*,update*
jsonws.web.service.public.methods=
#json.service.public.methods=get*,has*,is*,find*,save*,remove*,xx*,update*
json.service.public.methods=
# json.service.public.methods=get*
json.service.auth.token.hosts.allowed=127.0.0.1

What am I doing wrong?
thumbnail
Tomáš Polešovský, modificado 10 Anos atrás.

RE: Re: [Liferay Forums][3. Development] REST/JSON authentication

Liferay Master Postagens: 676 Data de Entrada: 13/02/09 Postagens Recentes
Hi Clint,

next time please create a new thread and don't resurrect dead threads. When I see the thread already has some answers I usually don't look inside.

Clint Wilde:
I have the same issue. I only have 2 requirements:

1. If the URL is accessed directly from the browser, I want to be challenged for the user and password.
2. When the REST URL is accessed from within a JSP on the SAME host, I don't want it to ask for a user/password. (The user is already logged in to the portal).


#1: depends on the portal version you use.
For version < 6.2 you need to access the portal services via /api/secure/jsonws...
For version >= 6.2 you need to explicitly configure the authentication method you prefer. Into portal-ext.properties add:
jsonws.servlet.basic_auth=true


#2: use portal context to access the JSONWS, not plugin context. Please see section Portal cookies belong to the portal context in https://www.liferay.com/web/tomas.polesovsky/blog/-/blogs/json-ws-security/.

Clint Wilde:
# for json web services
auth.token.check.enabled=false
json.service.auth.token.enabled=false

Please don't disable auth.tokens. You open yourself to CSRF attacks (please read the blog post above).