留言板

  1. 主页
  2. Development
  3. Having problem in JSON Web Service.. Authentication

Having problem in JSON Web Service.. Authentication

thumbnail
Arnab Saha,修改在9 年前。

Having problem in JSON Web Service.. Authentication

New Member 帖子: 10 加入日期: 15-3-16 最近的帖子
I am using the .java file for Liferay WebService Client call plugin portlet services

Code:
HttpHost targetHost = new HttpHost("localhost", 8080, "http");
HttpClient httpclient = new DefaultHttpClient();
((AbstractHttpClient) httpclient).getCredentialsProvider().setCredentials(
new AuthScope(targetHost.getHostName(), targetHost.getPort()),
new UsernamePasswordCredentials("test@liferay.com", "test"));
AuthCache authCache = new BasicAuthCache();

BasicScheme basicAuth = new BasicScheme();
authCache.put(targetHost, basicAuth);
BasicHttpContext ctx = new BasicHttpContext();
ctx.setAttribute(ClientContext.AUTH_CACHE, authCache);

HttpPost post = new HttpPost("/RemoteWebService-portlet/api/jsonws/employee/get-employee");

List<NameValuePair> params = new ArrayList<NameValuePair>();

params.add(new BasicNameValuePair("emplyeeId", "1"));


UrlEncodedFormEntity entity = new UrlEncodedFormEntity(params, "UTF-8");
post.setEntity(entity);

System.out.println("post:"+post);
System.out.println("ctx:"+ctx);
System.out.println("target Host:"+targetHost);
System.out.println("params:"+params);

HttpResponse resp = httpclient.execute(targetHost, post, ctx);
System.out.println("output is "+resp.toString());
System.out.println("response:"+resp.getEntity());
resp.getEntity().writeTo(System.out);
httpclient.getConnectionManager().shutdown();
}
}

... Thats working fine in liferay 6.1

But its not working in liferay 6.2 ...
Getting the output: {"exception":"Authenticated access required"}

-Please help.. Is there any default authentication in liferay 6.2..?
thumbnail
David H Nebinger,修改在9 年前。

RE: Having problem in JSON Web Service.. Authentication

Liferay Legend 帖子: 14919 加入日期: 06-9-2 最近的帖子
Check the headers on the submitted post to ensure it has the authentication header.
thumbnail
Arnab Saha,修改在9 年前。

RE: Having problem in JSON Web Service.. Authentication

New Member 帖子: 10 加入日期: 15-3-16 最近的帖子
I had tried adding httpheader:
post.addHeader("Accept", "application/json");
post.addHeader("Content-Type"," application/json");
post.addHeader("Authorization", "Basic dGVzdEBsaWZlcmF5LmNvbTp0ZXN0");


Still its not working.. emoticon
Khushbu Ajmera,修改在9 年前。

RE: Having problem in JSON Web Service.. Authentication

New Member 帖子: 5 加入日期: 14-9-19 最近的帖子
I have same problem.
It is working fine with Liferay 6.1
but giving Authentication Error in Liferay 6.2
thumbnail
David H Nebinger,修改在9 年前。

RE: Having problem in JSON Web Service.. Authentication

Liferay Legend 帖子: 14919 加入日期: 06-9-2 最近的帖子
You can try turning on the logging on the server side for the authentication. May be some useful nugget there to help diagnose why authentication is not being received and/or processed.
Khushbu Ajmera,修改在9 年前。

RE: Having problem in JSON Web Service.. Authentication

New Member 帖子: 5 加入日期: 14-9-19 最近的帖子
Need to modify httpPost value
it is quite different for Liferay 6.2
I have modify url in given formate and it is working fine.
HttpPost post = new HttpPost("/api/jsonws/LiferayJSONWebservices-portlet.employee/get-employee");

you can refer given URL
http://www.liferaysavvy.com/2014/05/consuming-liferay-json-web-services.html
Maria Smith,修改在9 年前。

RE: Having problem in JSON Web Service.. Authentication

New Member 帖子: 2 加入日期: 15-3-28 最近的帖子
have the same problememoticon
thumbnail
Tomas Polesovsky,修改在9 年前。

RE: Having problem in JSON Web Service.. Authentication

Liferay Master 帖子: 676 加入日期: 09-2-13 最近的帖子
Hi,

1, Please use /api/jsonws/... URLs, plugins should auto-register to /api/jsonws/...

If you use /yourPluginName/api/jsonws/... you need to configure your plugin and configure authentication filter.

2, For 6.2 you need to use preemtive authentication, the API no longer sends HTTP Authorization challenge.

For HTTP Client please see http://hc.apache.org/httpclient-3.x/authentication.html#Preemptive_Authentication

This is due to security reasons:
A, it's much harder to exploit any possible JSONWS vulnerabilities using browser, because all access must be authenticated and browsers don't support preemptive authentication
B, The JSONWS api can support any number of authentication mechanisms that can be pipelined

Thanks.