Hitachi Vantara Pentaho Community Forums
Results 1 to 8 of 8

Thread: Making a ReST API call with authorization header

  1. #1

    Default Making a ReST API call with authorization header

    Hi all,
    I'm trying to make an API call to a service which requires an authorization header, but having a time with figuring it out. Perhaps syntax?
    I'm on version 6.1 of PDI community edition.

    My transformation is simple:
    1. I generate a row which provides the url, my parameter (-k) and my authorization header
    2. The REST Client step takes the URL from the submitted rows, and uses the headers and parameters passed in as well

    Name:  Screen Shot 2016-12-19 at 2.55.48 PM.png
Views: 3557
Size:  9.1 KB

    I'm not doing anything with the XML output just yet. The result of this call is a 401, so it's letting me know I'm unauthorized.
    I've attached my work sample, having swapped out the actual url as authentications. I did validate that all of these were correct (opened the url in a browser), verified that my username and password were properly translated. And I was able to make a curl call with this for the correct response.

    So how do I properly use the authentication headers? I've tried
    • As a parameter
    • As a header
    • with and without quotes
    • Including -H "Authorization: basic <usernameassword>"

    But still not getting through.

    Thanks for your help and clarifying questions!
    Attached Files Attached Files
    Last edited by roguen; 12-19-2016 at 05:16 PM.

  2. #2
    Join Date
    Jun 2012
    Posts
    5,534

    Default

    Isn't the Authorization header properly set when you enter user and password for basic authentication on the Authentication tab of the ReST-Client step?
    So long, and thanks for all the fish.

  3. #3

    Default

    If that was the case I would certainly feel silly. I had assumed that because my curl statement explicitly called out a header, that I would need to do the same in this task, but hopefully I'm wrong.

    I'll give it a try now.
    Last edited by roguen; 01-02-2017 at 03:30 PM.

  4. #4

    Default

    No luck. I attempted with both my base64:md5 encrypted login as well as plain text, but still the same 401 response.

    My curl statement looks like this:
    curl -H "Authorization: <prefix> <base64-username>:<md5-password>" https://myurl:9090/rest/example
    And just tested works as expected, returning a sample xml output.
    PDI CE 6.1.0.1-196
    Mac OSX 10.11.6
    Java version 1.8.0_77

  5. #5
    Join Date
    Sep 2015
    Posts
    1

    Default

    The Basic Authentication in the REST client step Base64 encodes the username and password combination. If your curl command works with base64(username):md5(password), I suggest to try and remove the contents of the authorization configuration tab and specify an Authorization header with a value of "Basic Base64User:MD5Pass" on the Headers tab.

  6. #6

    Default

    Thank you for the suggestion jjarvis.
    I attempted this is a few different ways, but still was not successful.
    -Specifying as a passed in header (as you suggest above) with encoded user and password
    -Using encoded user and password on the authentication tab
    -Using plain text user and password on the authentication tab.

    I have been given a tip around also providing a blank space xml string as the body field. I changed what I was doing to a comparable PUT curl statement that required an XML. This changed my error code from 401 (which I was told was actually related to the empty xml body) to a 403 error which seems more in alignment with the authorization issue I think I'm having here.
    PDI CE 6.1.0.1-196
    Mac OSX 10.11.6
    Java version 1.8.0_77

  7. #7
    Join Date
    Jun 2012
    Posts
    5,534

    Default

    Quote Originally Posted by roguen View Post
    I had assumed that because my curl statement explicitly called out a header, that I would need to do the same in this task, but hopefully I'm wrong.
    REST-Client is built around Apache Jersey, so authentication is handled transparently.
    You really don't have to struggle with the Authorization header.
    I have attached a simple demo using Basic Authentication (the only one supported by the REST-Client) with a publicly accessible website.
    When previewing the REST-Client I see a status code 200.
    Please note, I'm not using a proxy.
    Looking at the source code, I'm afraid REST-Client is treating every proxy like an authenticating proxy using the same credentials for the proxy as for the target server.
    Not sure how far you get with this.
    Good Luck.

    PS: Wireshark can help you to find out what's going wrong. Just use http as filter expression.
    Attached Files Attached Files
    Last edited by marabu; 01-12-2017 at 12:27 PM. Reason: grammar
    So long, and thanks for all the fish.

  8. #8

    Default

    Thanks for your help on this marabu,
    Your demo runs as expected for me and returns a 200. Looks like what I need it not using basic authentication though, and so this many be more difficult for me (perhaps not even doable with using this step).

    I'll play around with wireshark as you suggest and see what I find.
    PDI CE 6.1.0.1-196
    Mac OSX 10.11.6
    Java version 1.8.0_77

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2019 Hitachi Vantara Corporation. All Rights Reserved.