OpenEdge 11.6.4 - REST error 403

Posted by atuldalvi123 on 29-Aug-2018 09:48

Hello,

I've been getting a 403 error whenever I try and access a REST Service resource set up and published on an active PASOE server.

I am passing query string parameters to the service and  getting output parameter from the same.

Both input and output mapping details is correct ( used REST Resource URI Editor).

Below is the ABL call to the service -

/* ***************************  Definitions  ************************** */

USING OpenEdge.Net.HTTP.*.
USING OpenEdge.Net.URI.
USING Progress.Json.ObjectModel.JsonObject.


DEFINE VARIABLE oClient AS IHTTPClient NO-UNDO.
DEFINE VARIABLE oURI AS URI NO-UNDO.
DEFINE VARIABLE oCredentials AS Credentials NO-UNDO.

DEFINE VARIABLE oRequest AS IHttpRequest NO-UNDO.
DEFINE VARIABLE oResponse AS IHttpResponse NO-UNDO.
DEFINE VARIABLE oCookies AS Cookie NO-UNDO.

oClient = ClientBuilder:Build():KeepCookies():Client. /*CookiesJarBuilder:Build():CookieJar*/

oURI = NEW URI('http', 'localhost', 10980).
#oURI:Path = '/myRestServicesService/rest/myRestServicesService/testQueryParameters?MNR=2000&SNR=1'.

oURI:Path = '/rest/myRestServicesService/testQueryParameters?MNR=2000&SNR=1'.

oCredentials = NEW Credentials('Tomcat Manager Application', 'tomcat', 'tomcat').

oRequest = RequestBuilder:Build('GET', oURI)
 :usingBasicAuthentication(oCredentials)
 :acceptJson()
 :Request.

oResponse = ResponseBuilder:Build():Response.


/*oClient:execute(oRequest, oResponse).*/

oResponse = ClientBuilder:Build():Client:Execute(oRequest).

MESSAGE oResponse:StatusCode skip oResponse:StatusReason
    VIEW-AS ALERT-BOX INFO BUTTONS OK.

***************************************************** END***************************************************

*****************************************Service***********************************

@openapi.openedge.export FILE(type="REST", executionMode="external", useReturnValue="false", writeDataSetBeforeImage="false").
 
BLOCK-LEVEL ON ERROR UNDO, THROW.
 
DEFINE INPUT PARAM inp1 AS INT.
DEFINE INPUT PARAM inp2 AS INT.
DEFINE OUTPUT PARAM out AS CHARACTER.
 
 
FIND FIRST SUBCustomer NO-LOCK
     WHERE SUBCustomer.MNR = inp1
       AND SUBCustomer.SNR = inp2 NO-ERROR.
 IF AVAILABLE SUBCustomer  THEN 
    out= STRING(SUBCustomer.SFCODE).

    RETURN.

****************************************END***************************************

I tried below both URL but received same error in response.

#oURI:Path = '/myRestServicesService/rest/myRestServicesService/testQueryParameters?MNR=2000&SNR=1'.

oURI:Path = '/rest/myRestServicesService/testQueryParameters?MNR=2000&SNR=1'.

Below is the response If I try these URLs from browser -

An error occurred while executing your request!


403 - Forbidden: the server refuses to fulfill the client's request - GET /myRestServicesService/rest/myRestServicesService/testQueryParameters

Error details
Remote user: null
User principal: null
Scheme: http
Remote address: 0:0:0:0:0:0:0:1
Server name: localhost
PASOE product type: dev
HTTP status: 403
Error detail: Access Denied

Pls suggest.

All Replies

Posted by Peter Judge on 29-Aug-2018 10:14

Do you get a 403 from a REST client ( a browser or something like Postman).
 

Posted by Matt Baker on 29-Aug-2018 10:18

You have a few unnecessary lines in your code example.

this line isn't doing anything since you don't use the result further down:

oClient = ClientBuilder:Build():KeepCookies():Client. /*CookiesJarBuilder:Build():CookieJar*/

and this line isn't doing anything either because you immediately overwrite it on the next line:

oResponse = ResponseBuilder:Build():Response.

Posted by atuldalvi123 on 29-Aug-2018 11:04

Actually, I have installed all the setup on my local machine only right from developer studio to OE Management. I am testing it from the developer studio.

Even after removing those cookies statements getting the same error.

Posted by Matt Baker on 29-Aug-2018 11:08

Did you test with another product like postman or with opening the URL in a browser and providing the same credentials?

Posted by atuldalvi123 on 29-Aug-2018 11:24

How can we pass the credentials in the URL to test it from the Browser  ?

Earlier i tested with URL  localhost:10989/.../testQueryParameters

And the result is -

An error occurred while executing your request!

403 - Forbidden: the server refuses to fulfill the client's request - GET /myRestServicesService/rest/myRestServicesService/testQueryParameters

Error detailsRemote user:nullUser principal:nullScheme:httpRemote address:0:0:0:0:0:0:0:1Server name:localhostPASOE product type:devHTTP status:403Error detail:Access Denied

Posted by Matt Baker on 29-Aug-2018 11:27

You can put them in the URL...or if you don't, the browser should be prompting for them.  if it doesn't restart the browser and try again, since the browser will cache them if you already provided them.

You can add them to the URL as such.

tomcat:tomcat@localhost:10989/.../testQueryParameters

If that doesn't work...then you have the wrong credentials.

Posted by atuldalvi123 on 29-Aug-2018 11:50

With that I am getting below pop up error -

[Window Title]

Address Bar

[Content]

Windows cannot find ‘tomcat:tomcat@localhost:10980/.../testQueryParameters. Check the spelling and try again.

[OK]

But above credentials are correct. I am using same credentials for the OE Explorer.

Posted by Peter Judge on 29-Aug-2018 12:00

The credentials for OE Explorer/Management are NOT the same as the credentials for your REST application.
 

Posted by atuldalvi123 on 29-Aug-2018 12:09

I meant to say tomcat manager credentials. I have different credentials for OE Explorer/Management

Posted by atuldalvi123 on 29-Aug-2018 12:11

I meant so say tomcat manager credentials. I have different credentials for OE Explorer/Management

Posted by Peter Judge on 29-Aug-2018 12:32

Same thing applies.
 
The Tomcat manager credentials aren’t the credentials used for your REST wbeapps.
 

Posted by atuldalvi123 on 29-Aug-2018 12:49

then what sould be there  ?

Which credentials  ?

Posted by Peter Judge on 29-Aug-2018 13:28

That depends on what you’ve configured them to be. There are assorted security configuration settings in the webapp’s WEB-INF directory.
 
 

This thread is closed