Re: issue about requesting the MCF API

Tue, 11 Oct 2022 03:16:48 -0700 

Obfuscated passwords must be set with a different property name, beginning
with "obfuscated".

Karl


On Tue, Oct 11, 2022 at 2:36 AM Olivier Tavard <
olivier.tav...@francelabs.com> wrote:

> Hi,
>
> I cannot do a request to the API with the API login password obfuscated. I
> always have to use the clear password in order to establish the connection.
>
> Example with a MCF 2.23 ootb :
> property.xml modified with these values :
> <property name="org.apache.manifoldcf.login.name" value="admin"/>
> <property name="org.apache.manifoldcf.login.password" value="test"/>
> <property name="org.apache.manifoldcf.apilogin.password.obfuscated"
> value="nG45xHpDQ6KY+la8ZGhzyAg8LBfLPbs7x9vEVYcYXTU="/>
>
> API call with curl  :
> #!/bin/bash -e
>
> PASSWORD=nG45xHpDQ6KY+la8ZGhzyAg8LBfLPbs7x9vEVYcYXTU=
>
> curl -c "cookie_mcfscript" -XPOST
> http://localhost:8345/mcf-api-service/json/LOGIN -d '{
> "userID":"","password": "'${PASSWORD}'" }'
> curl -b "cookie_mcfscript" -s '
> http://localhost:8345/mcf-api-service/json/jobstatuses'
>
> Answer : {}{}
> Error 401 unauthorized
>
> If I add into property.xml the property :
> <property name="org.apache.manifoldcf.apilogin.password" value="test"/>
> And if I change the API call with ’test’ password:
>
> #!/bin/bash -e
>
> PASSWORD=test
>
>
> curl -c "cookie_mcfscript" -XPOST
> http://localhost:8345/mcf-api-service/json/LOGIN -d '{
> "userID":"","password": "'${PASSWORD}'" }'
> curl -b "cookie_mcfscript" -s '
> http://localhost:8345/mcf-api-service/json/jobstatuses'
>
> In this case I have the expected answer :
> {}{"jobstatus":{"_children_":[{"_type_":"job_id","_value_":"1665410963765"},{"_type_":"status","_value_":"not
> yet
> run"},{"_type_":"documents_in_queue","_value_":"0"},{"_type_":"documents_outstanding","_value_":"0"},{"_type_":"documents_processed","_value_":"0"},{"_type_":"queue_exact","_value_":"true"},{"_type_":"outstanding_exact","_value_":"true"},{"_type_":"processed_exact","_value_":"true"}]}}
>
> Is there a problem with the API call or do I need to change something to
> use the api login password obfuscated ?
>
> Thanks,
> Best regards,
>
> Olivier TAVARD
>
>
>
>
>

Reply via email to