I have to create a issue in jira with POST method using REST API in java but the problem is I am having SSO (Single sign-on) authentication in my system.When I am trying to create ,I am getting 401 (Unauthorized) error.I already have administrator role in project on jira . But I am able to create the issue using POSTMAN(getting 201 response code).I can't understand how POSTMAN is able to do that.
Please provide how to do authorization if I have system with SSO authentication.I can't create jira API token as it is restricted to me.
Creating a new "JIRA issue" using REST API in java
I am taking help from this link but here its doing basic authentication.
You have to use Basic Authentication or OAuth to access the rest api.
public static string GetEncodedCredentials(string userid, string password)
{
string mergedCredentials = string.Format("{0}:{1}", userid, password);
byte[] byteCredentials = UTF8Encoding.UTF8.GetBytes(mergedCredentials);
return Convert.ToBase64String(byteCredentials);
}
Call this method with userid as your username/email, and password using the same password you use in POSTMAN. It is weird that you can do it on POSTMAN and not in your application because I'm assuming you have used this in POSTMAN. This is C# code however so you might need to find the java code for this.
If needed search: Basic Authentication Java
Then you will find it.
Related
I am trying to build a custom build plugin using Atlassian sdk framework and in that I have developed a Rest API to fetch data saved in Active Objects database tables and I am using basic authentication in postman where I need to provide my local Jira username and password.
In my plugin code, I am storing data using active objects and following code I am using to fetch the stored data in active objects table:
// To delete all the rules present in database table
#DELETE
#Path("/debug/delete/rules")
public Response deleteAllRules() {
boolean result = rules.deleteAllStoredRules();
if (result) {
return Response.noContent().build();
}
return Response.status(205).build();
}
Can anyone please help me to find a way to fetch username provided in basic authentication in my java code?
The simplest way to retrieve the currently authenticated principal is via a static call to the SecurityContextHolder:
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String currentPrincipalName = authentication.getName();
Please read more about this: https://www.baeldung.com/get-user-in-spring-security
This is in regards to version 0.2 of the Kubernetes Java client. I'm guessing the way to use basic authentication in the Java API is to do this
ApiClient client = Config.fromUserPassword( "https://....:6443", "user", "password", false );
Configuration.setDefaultApiClient( client );
CoreV1Api api = new CoreV1Api();
// Make api call like
api.listNode(...)
However the above code always returns 403 Forbidden. From the response message, it doesn't look like the user/pass is being used in the request.
{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"nodes is forbidden: User \"system:anonymous\" cannot list nodes at the cluster scope","reason":"Forbidden","details":{"kind":"nodes"},"code":403}
I also debugged through the code a bit and I may be answering my own question but it looks like in CoreV1Api's methods, it never add basic auth as an authentication method and only uses BearerToken. Is basic auth supported or should I be using another API class?
Many kubernetes clusters do not set up basic auth, only bearer token auth. Are you sure your cluster configured basic authentication?
https://kubernetes.io/docs/admin/authentication/#static-password-file
Answering my own question but it doesn't look like the current version of the client actually executes the user/pass authentication. BearerToken is working however.
The java client ignores the HttpBasicAuth object, but if you use the ApiKeyAuth object and set the key prefix to "Basic" and the API key to the base64 encoded credentials, it will work.
For example:
String credentials= new String(Base64.getEncoder().encode("user:password".getBytes()));
ApiClient defaultClient = Configuration.getDefaultApiClient();
defaultClient.setBasePath("https://256.256.256.256");
ApiKeyAuth fakeBearerToken = (ApiKeyAuth) defaultClient.getAuthentication("BearerToken");
fakeBearerToken.setApiKey(credentials);
fakeBearerToken.setApiKeyPrefix("Basic");
This works because the kubernetes client will simply concatenate the API key prefix with the prefix, and put the result in the "Authorization" header.
I want to get username and password from curl command in REST web service using Plain Java Class.
My java class is
#GET
public Response check(String username,String password)
{
authenticate.....
}
I use Netbean IDE with jersey framework. I created web service in POJO java class.
Do anyone know how to get username and password in web service java class?
My curl command is like :
curl -u username:password http://localhost:8080/project/resources
If this is building on the code from your question here, then getting the username is a matter of adding a new property to the resource annotated with #Context of type javax.ws.rs.core.SecurityContext (let's call it securityContext). Then you can access the username like this:
String username = securityContext.getUserPrincipal().getName();
The password is not available through this API though. This approach will only work if the user has already been authenticated by the container. To get at the password, the property would need to be of type javax.ws.rs.core.HttpHeaders (let's call it httpHeaders). Using this object, you'd have to call
String authHeader = httpHeaders.getRequestHeader("Authorization").get(0);
Using the curl command you listed would default to using HTTP basic authentication, giving you the username and password in a base64 encoded string consisting of username:password. To get those values you would need to parse, base64 decode, and parse again. The curl command you provided would add the following header to the request:
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
In the code snippet I provided before, authHeader would have the value
Basic dXNlcm5hbWU6cGFzc3dvc.mQ=
Getting the username and password would be like so
String[] pair = base64decode(authHeader.split(" ")[1]).split(":");
In that code substitute base64decode with your base64 decoding library of choice. After this call the username would be in pair[0] and the password would be in pair[1]. Note that all of this code is lacking null and boundary checks as well as exception handling that production code would require. It also only supports basic authentication. If you needed to support other authentication methods you would need to handle whatever decoding and parsing that method requires.
It seems to me that JAX-RS is geared more towards using the SecurityContext approach and relying on the container to authenticate the request, so understand all of the caveats with using the HttpHeaders approach.
I was trying to develop a Java application which gets contacts from Sugar CRM. I have newly installed Sugar CRM 6.0.2 and I did not make any modifications to it. I am making use of the inbuilt SOAP based WebServices (have to use soap cant go for rest based) to login. But while logging in I am getting an error message saying:
anyType{
id=-1;
error=anyType{
number=10;
name=Invalid Login;
description=Login attempt failed please check the username and password;
};
}
I am sending a string user for user_auth parameter:
String user = "user_auth{username=will; password=18218139eec55d83cf82679934e5cd75; version=1.0;}";
String user = "{'user_auth':{'username':'will','password':'18218139eec55d83cf82679934e5cd75', 'version':'1.0'}}";
I tried both of the above options and its not working. I tried "SugarCRM" and "CRM" for application_name.
If anyone of you can help me regarding this that would be a great helpful for me. Thanks.
There is a bug in SugarCRM. You may only log into the WebServices with Admin.
And you can't pass JSON Strings to SOAP. You have to pass XML using SOAP.
http://support.sugarcrm.com/02_Documentation/04_Sugar_Developer/Sugar_Developer_Guide_6.5/02_Application_Framework/Web_Services/Examples/SOAP/PHP/Logging_In
I want to connect to a my facebook application using the facebook java api 2.1.1(http://code.google.com/p/facebook-java-api/). My application is in "Desktop" mode so I should be able to access it outside of a web application. I have not defined any callback url for it as well. My code looks something like this.
FacebookJsonRestClient client = new FacebookJsonRestClient( FB_APP_API_KEY, FB_APP_SECRET );
String token = client.auth_createToken();
HttpClient http = new HttpClient();
http.setParams(new HttpClientParams());
http.setState(new HttpState());
final String LOGIN = "https://login.facebook.com/login.php";
GetMethod get = new GetMethod(LOGIN + "?api_key=" + FB_APP_API_KEY + "&v=1.0&auth_token=" + token );
http.executeMethod(get);
PostMethod post = new PostMethod(LOGIN);
post.addParameter(new NameValuePair("api_key", FB_APP_API_KEY));
post.addParameter(new NameValuePair("v", "1.0"));
post.addParameter(new NameValuePair("auth_token", token));
post.addParameter(new NameValuePair("email", "my-email"));
post.addParameter(new NameValuePair("pass", "my-password"));
http.executeMethod(post);
String session = client.auth_getSession(token);
However instead of returning the session the API throws an exception:
com.google.code.facebookapi.FacebookException: Invalid parameter
at com.google.code.facebookapi.FacebookJsonRestClient.parseCallResult(FacebookJsonRestClient.java:354)
at com.google.code.facebookapi.ExtensibleClient.callMethod(ExtensibleClient.java:535)
at com.google.code.facebookapi.ExtensibleClient.callMethod(ExtensibleClient.java:472)
at com.google.code.facebookapi.FacebookJsonRestClient.auth_getSession(FacebookJsonRestClient.java:278)
Can anyone please tell me whats wrong with this code? And what is the correct way to access a facebook application in desktop mode using the java api (v. 2.1.1).
Thanks for your help.
Regards
Nabeel Mukhtar
As far as I understand FB's API, you're not supposed to provide username and password manually but instead let the user input them manually and then allow the Facebook Login to redirect the user back to your application. This means that instead of providing "email" and "pass" you provide "next" and "cancel" URL:s instead.
This is purely a security feature of FB API and while the theory behind it is alright, the execution is far from optimal.
See this discussion thread on the Google Code site. There's a link in the that thread to a wiki page which explains how to do desktop auth.