OE 11.6.1: I’m having some trouble both mentioned transports for an ABL application. Securing just REST works perfectly as described in the docs. But when I want to secure APSV as well and then it’s becoming a bit misty. I’m trying to setup form oerealm.
I setup oeablSecurity-form-oerealm.xml (and pointed to that in web.xml) like:
<b:bean id="OERealmUserDetails" class="com.progress.appserv.services.security.OERealmUserDetailsImpl" >
<b:property name="realmURL" value="localhost:10600/.../apsv" />
<b:property name="realmClass" value="auth.AuthenticationRealm" />
…
Note: I’m setting up security for the /auth1 application, the /auth2 is the app which performs the actual authentication. /auth1 and /auth2 run on the same instance.
So far so good. This works for REST, the AuthenticationRealm class performs as expected. I can connect to the APSV from ABL with whatever credentials. But then securing the APSV part. I uncomment <b:import resource="apsv-basic.xml"/> and then restart the pasoe instance. The REST transport still asks for authorization and if the correct credentials are given I get the expected response. Trying to connect to APSV no longer works (..:connect("-URL localhost:10600/.../apsv", "bfv", "bfv"))
Now I switch to the apsv-basic.xml file. In this file I comment <http-basic /> and uncomment <http-basic entry-point-ref="OEAuthenticationEntryPoint" /> as described. Obviously the file comments: “for oeablSecurity-basic-oerealm.xml”. But I’m working on oeablSecurity-form-oerealm.xml. Maybe here is the problem. When I restart the instance I get for REST: 403 - Forbidden: the server refuses to fullfill the client's request - GET /auth1/rest/restauth/person and for APSV I still can’t login but now with a 9328 error (unable to communicate with AIA).
What am I doing wrong here?
From ABL, if you want to send username & password in your HTTP request then you need to construct your URL as below in your connect parameter
http://<username>:<password>@localhost:10600/auth1/apsv
Please let me know if you see any issues
OK, I changed my connection string to what you suggested, to no avail. So the REST interface is no longer working and APSV not as well. Both complaining about a 403. Commenting <http-basic /> and uncommenting <http-basic entry-point-ref="OEAuthenticationEntryPoint" /> caused the 403's...
The change I have asked to change was as the the client code in ABL, did you change it in the ABL Client or in the Spring xml ?
At the client, but as stated, REST is broken as well and that has little to do with the ABL client.
It means that there is some configuration problem. Can you look for any errors in the log file(oepas1.<date>.log)
Bronco if you haven't done so already, please feel free to open a Support case for us to take a closer look at your issue.
Thanks, I will as soon as time permits.