论坛

主页 » Liferay Portal » English » 3. Development

组合视图 统一视图 树状图
讨论主题 [ 上一个 | 下一个 ]
toggle
REST/JSON authentication Glenn Ivan Butler 2008年6月7日 下午10:36
Re: [Liferay Forums][3. Development] REST/JSON authentication Ray Augé 2008年7月9日 下午1:24
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication zaheer mohammed saddapalli 2009年8月27日 上午1:46
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Dave Morris 2009年9月15日 下午8:35
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Helmut Denk 2009年9月15日 下午10:10
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Dave Morris 2009年9月16日 下午10:25
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Helmut Denk 2009年9月17日 上午7:36
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication zaheer mohammed saddapalli 2009年9月17日 下午11:21
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication François LE QUEMENER 2009年10月20日 上午1:51
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Tor Iver Wilhelmsen 2009年12月29日 上午6:39
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Smilelws2010 lwz 2013年1月28日 上午7:38
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Smilelws2010 lwz 2013年1月28日 上午7:38
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication MICHAIL MOUDATSOS 2013年4月30日 上午6:57
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Jeffrey Jarin 2013年9月11日 下午2:20
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Clint Wilde 2014年3月19日 下午12:51
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication Tomas Polesovsky 2014年3月26日 上午8:25
Glenn Ivan Butler
REST/JSON authentication
2008年6月7日 下午10:36
答复

Glenn Ivan Butler

等级: New Member

帖子: 9

加入日期: 2008年4月17日

最近的帖子

Has anyone use the REST/JSON calls to access Liferay services, in particular, User services. I can make the call properly but I get the json exception:

"{"exception":"com.liferay.portal.security.auth.PrincipalException"}"

My call is :
http://localhost:8080/c/portal/json_service?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId

Thanks for any help.
Ray Augé
Re: [Liferay Forums][3. Development] REST/JSON authentication
2008年7月9日 下午1:24
答复

Ray Augé

LIFERAY STAFF

等级: Liferay Legend

帖子: 1171

加入日期: 2005年2月7日

最近的帖子

On Sun, 2008-06-08 at 05:36 +0000, Glenn Ivan Butler at Liferay's
Community Forums wrote:

> Has anyone use the REST/JSON calls to access Liferay services, in
> particular, User services. I can make the call properly but I get the
> json exception:
>
> "{"exception":"com.liferay.portal.security.auth.PrincipalException"}"
>
> My call is :
> http://localhost:8080/c/portal/json_service?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId


Try accessing through the tunnel-web application and using basic HTTP
login credentials:

http://joebloggs:test@localhost:8080/tunnel-web/secure/json/?serviceClassName=com.liferay.portal.service.http.UserServiceJSON&serviceMethodName=getUserById&userId=10128&serviceParameters=userId

Most of the remote service calls require some form or authorization,
very few can be used without it, and while this is available from the
thread local while logged into the portal... you need to pass
credentials to web services in order to have it with web service. This
is what tunnel-web handles.


----------------------------------
Raymond Augé
Software Engineer
Liferay, Inc.
Enterprise. Open Source. For Life.
----------------------------------

Liferay Meetup 2008 – Los Angeles

August 1, 2008

Meet and brainstorm with the creators of Liferay Portal, our partners
and other members of our community!

The day will consist of a series of technical sessions presented by our
integration and services partners. There is time set aside for Q&A and
corporate brainstorming to give the community a chance to give feedback
and make suggestions!

View Event Details

Register Now
zaheer mohammed saddapalli
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2009年8月27日 上午1:46
答复

zaheer mohammed saddapalli

等级: Regular Member

帖子: 164

加入日期: 2008年1月15日

最近的帖子

Hi Ray,

Currently i am working on Liferay 5.2.3 version.

In 5.2.1 i have made some customization to GroupServiceJSON.java which will expose RestEASYService.

I didn't find those files in 5.2.3.


But *ServiceJSON.java files are getting generated for my custom portlets.


How can i generate this files in Portal Source 5.2.3.


S Mohammed Zaheer
Senior Software Engineer
InfoAxon Technologies
http://www.infoaxon.com
Dave Morris
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2009年9月15日 下午8:35
答复

Dave Morris

等级: Junior Member

帖子: 27

加入日期: 2009年5月7日

最近的帖子

Ray,

I cannot for the life of me find ANY good documentation about how to call Liferay services using the REST API. I am using 5.2.3, and I see that the *ServiceJSON.java files are being deleted in the service builder. Is there a good reason for this? How am I supposed to use the REST API when every tutorial on the internet says to use the non-existent *ServiceJSON.java files?

I would really appreciate at least a brief response about this issue. I'm trying to do a demo of this feature to a client, and without it, Liferay loses a little bit of the wow factor.

Thanks for the help,

Dave
Helmut Denk
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2009年9月15日 下午10:10
答复

Helmut Denk

等级: Junior Member

帖子: 52

加入日期: 2006年5月12日

最近的帖子

hi dave,

i've posted a similar question about REST/JSON access a few weeks ago.
got no reply so far.

i still would like to know, if this works with 5.2.3 and
if so ... what am i doing wrong ?

have a nice time
Dave Morris
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2009年9月16日 下午10:25
答复

Dave Morris

等级: Junior Member

帖子: 27

加入日期: 2009年5月7日

最近的帖子

I finally had some time to figure this one out. I posted it on the original REST API blog post by Ray, but here it is again so hopefully google will index it and people won't suffer through this in the future:

Original REST JSON API Blog Post

Here is an updated example that will work with Liferay 5.2.3

This example uses the Zend API just because it was what I had available at the time, but the concept applies to any Http client API in PHP or any other language for that matter. The main thing to notice here is that the serviceClassName is different, because ServiceBuilder no longer generates the *ServiceJSON.java files.

Also, make sure you add this line to your portal-ext.properties file to allow the json servlet to be accessible from some IP address or hostname:

json.servlet.hosts.allowed=localhost,127.0.0.1

 1
 2<?php
 3require_once ('Zend/Http/Client.php');
 4require_once ('Zend/Json.php');
 5
 6$liferay = new Zend_Http_Client();
 7
 8$liferay->setUri('http://localhost:8080/tunnel-web/secure/json');
 9
10// set parameters to return a list of countries from the Liferay db
11$liferay->setParameterGet(array(
12    'serviceClassName' => 'com.liferay.portal.service.CountryServiceUtil',
13    'serviceMethodName' => 'getCountries'
14));
15
16// set authentication
17$liferay->setAuth('userid', 'password');
18
19// send the request
20$result = $liferay->request("GET");
21
22// get back a json response
23$json = Zend_Json::decode($result->getBody());
24
25// print the json object
26echo $result->getBody();
27
28?>


And if you're having trouble getting it to work, check out SecureFilter.java, JSONServiceAction.java, and JSONServlet.java to figure out what's going on.



Let me know if that works for you. I can do a sample script that puts data back into Liferay if you need help with that, as well.
Helmut Denk
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2009年9月17日 上午7:36
答复

Helmut Denk

等级: Junior Member

帖子: 52

加入日期: 2006年5月12日

最近的帖子

hi dave,

you got it. that's fantastic.

urls that work with 5.2.3 bundle:

(i have set company.security.auth.type=screenName)

http://bruno:bruno@localhost:8080/tunnel-web/secure/json?serviceClassName=com.liferay.portal.service.CountryServiceUtil&serviceMethodName=getCountries

http://localhost:8080/tunnel-web/secure/json?serviceClassName=com.liferay.portal.service.CountryServiceUtil&serviceMethodName=getCountries

http://bruno:bruno@localhost:8080/tunnel-web/json?serviceClassName=com.liferay.portal.service.UserServiceUtil&serviceMethodName=getUserById&userId=10416&serviceParameters=userId

http://localhost:8080/tunnel-web/json?serviceClassName=com.liferay.portal.service.UserServiceUtil&serviceMethodName=getUserById&userId=10416&serviceParameters=userId

thanks & have a successful time
zaheer mohammed saddapalli
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2009年9月17日 下午11:21
答复

zaheer mohammed saddapalli

等级: Regular Member

帖子: 164

加入日期: 2008年1月15日

最近的帖子

Excellent,


This works for me.

Still i have doubt why *ServiceJSON.java not generating using Liferay Service Builder?


With regards,
S Mohammed Zaheer
François LE QUEMENER
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2009年10月20日 上午1:51
答复

François LE QUEMENER

等级: Junior Member

帖子: 48

加入日期: 2009年9月18日

最近的帖子

Hi,
I have quite the same problem, but using the Liferay.Service.Portal.User.getUserIdByEmailAddress method.
Here is my call:


 1Liferay.Service.Portal.User.getUserIdByEmailAddress(
 2        {
 3            companyId: <%= currentContact.getCompanyId() %>,
 4            emailAddress: jQuery("#_58_emailAddress").val()
 5        },
 6        function(message) {
 7            var exception = message.exception;
 8
 9            if (!exception) {
10                // email already exists
11            }
12            else {
13                //OK
14            }
15        });


I get: com.liferay.portal.security.auth.PrincipalException

How can I get through this?
Tor Iver Wilhelmsen
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2009年12月29日 上午6:39
答复

Tor Iver Wilhelmsen

等级: Junior Member

帖子: 60

加入日期: 2008年12月3日

最近的帖子

zaheer mohammed saddapalli:
Still i have doubt why *ServiceJSON.java not generating using Liferay Service Builder?


Maybe they concluded it was pointless when the json servlet could use "normal" Java *ServiceUtil calls and convert objects using json-simple or Jackson. Even if it broke backward compatibility. emoticon
Smilelws2010 lwz
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2013年1月28日 上午7:38
答复

Smilelws2010 lwz

等级: Regular Member

帖子: 153

加入日期: 2010年12月16日

最近的帖子

HI Ray,

I am working with Liferay service builder 6.1 portlet with remote-service set to true.The portlet is fine

Now I want to access it through a URL. On hitting the url, http://localhost:8080/sample-portlet/api/jsonws/?serviceClassName=com.sample.service.SampleServiceUtil&serviceMethodName=findemail&serviceParameters=&email=abc@abc.com .

It is prompting for user name, password. Is there a way to avoid that? I saw the property to be added in portlat-ext - json.service.auth.token.enabled=false, but did not do much help.

Any thoughts or reference.
Thanks in advance

Smile
Smilelws2010 lwz
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2013年1月28日 上午7:38
答复

Smilelws2010 lwz

等级: Regular Member

帖子: 153

加入日期: 2010年12月16日

最近的帖子

Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
MICHAIL MOUDATSOS
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2013年4月30日 上午6:57
答复

MICHAIL MOUDATSOS

等级: Regular Member

帖子: 110

加入日期: 2011年10月4日

最近的帖子

Smilelws2010 lwz:
Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
We have the exact same question. Could anyone reply on this, please?

Thank you in advance!

P.S. We don't want to disable authentication, we 're just trying to find out how to automate it for a logged-in user
Jeffrey Jarin
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2013年9月11日 下午2:20
答复

Jeffrey Jarin

等级: Junior Member

帖子: 30

加入日期: 2013年7月5日

最近的帖子

Is there any update on this?
Im still seeing this as well
Even if I am logged in at the time of making the service call, when you actually hit the service url on a browser it says "you must log in to area “PortalRealm” on localhost:8080." is there a way to avoid this.
Clint Wilde
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2014年3月19日 下午12:51
答复

Clint Wilde

等级: New Member

帖子: 6

加入日期: 2013年3月5日

最近的帖子

I have the same issue. I only have 2 requirements:

1. If the URL is accessed directly from the browser, I want to be challenged for the user and password.
2. When the REST URL is accessed from within a JSP on the SAME host, I don't want it to ask for a user/password. (The user is already logged in to the portal).

I have tried multiple combinations of the following settings in portal-ext.properties:

# for json web services
auth.token.check.enabled=false
json.service.auth.token.enabled=false
# jsonws.web.service.public.methods=get*,has*,is*,find*,save*,remove*,xx*,update*
jsonws.web.service.public.methods=
#json.service.public.methods=get*,has*,is*,find*,save*,remove*,xx*,update*
json.service.public.methods=
# json.service.public.methods=get*
json.service.auth.token.hosts.allowed=127.0.0.1

What am I doing wrong?
Tomas Polesovsky
RE: Re: [Liferay Forums][3. Development] REST/JSON authentication
2014年3月26日 上午8:25
答复

Tomas Polesovsky

LIFERAY STAFF

等级: Liferay Master

帖子: 569

加入日期: 2009年2月13日

最近的帖子

Hi Clint,

next time please create a new thread and don't resurrect dead threads. When I see the thread already has some answers I usually don't look inside.

Clint Wilde:
I have the same issue. I only have 2 requirements:

1. If the URL is accessed directly from the browser, I want to be challenged for the user and password.
2. When the REST URL is accessed from within a JSP on the SAME host, I don't want it to ask for a user/password. (The user is already logged in to the portal).


#1: depends on the portal version you use.
For version < 6.2 you need to access the portal services via /api/secure/jsonws...
For version >= 6.2 you need to explicitly configure the authentication method you prefer. Into portal-ext.properties add:
1jsonws.servlet.basic_auth=true


#2: use portal context to access the JSONWS, not plugin context. Please see section Portal cookies belong to the portal context in https://www.liferay.com/web/tomas.polesovsky/blog/-/blogs/json-ws-security/.

Clint Wilde:
# for json web services
auth.token.check.enabled=false
json.service.auth.token.enabled=false

Please don't disable auth.tokens. You open yourself to CSRF attacks (please read the blog post above).