date:20180421

Re: [Dhis2-devs] API not showing 401 Unauthorized error

2018-04-21 Thread Rangarirai Matavire

Thanks Jason,

In addition, if you add the '-L' option to the 2.28 and 2.29 queries as
follows:

curl -I -L -u admin:distric -H 'Accept: application/json'
https://play.dhis2.org/2.29/api/me

You get a redirect loop which seems infinite until it terminates in error
as follows:

HTTP/1.1 302

Server: nginx/1.4.6 (Ubuntu)

Date: Sat, 21 Apr 2018 13:13:18 GMT

Content-Length: 0

Connection: keep-alive

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

X-Content-Type-Options: nosniff

Location: https://play.dhis2.org/2.29/dhis-web-commons/security/login.action


HTTP/1.1 302

Server: nginx/1.4.6 (Ubuntu)

Date: Sat, 21 Apr 2018 13:13:18 GMT

Content-Length: 0

Connection: keep-alive

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

X-Content-Type-Options: nosniff

Location: https://play.dhis2.org/2.29/dhis-web-commons/security/login.action


HTTP/1.1 302

Server: nginx/1.4.6 (Ubuntu)

Date: Sat, 21 Apr 2018 13:13:18 GMT

Content-Length: 0

Connection: keep-alive

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

X-Content-Type-Options: nosniff

Location: https://play.dhis2.org/2.29/dhis-web-commons/security/login.action


HTTP/1.1 302

Server: nginx/1.4.6 (Ubuntu)

Date: Sat, 21 Apr 2018 13:13:19 GMT

Content-Length: 0

Connection: keep-alive

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

X-Content-Type-Options: nosniff

Location: https://play.dhis2.org/2.29/dhis-web-commons/security/login.action


HTTP/1.1 302

Server: nginx/1.4.6 (Ubuntu)

Date: Sat, 21 Apr 2018 13:13:19 GMT

Content-Length: 0

Connection: keep-alive

X-XSS-Protection: 1; mode=block

X-Frame-Options: SAMEORIGIN

X-Content-Type-Options: nosniff

Location: https://play.dhis2.org/2.29/dhis-web-commons/security/login.action


curl: (47) SSLRead() return error -9806

This causes bug in applications that access the api for authentication and
I can also see how this can be used to diminish system performance in
general.

Regards,

Ranga

On Sat, Apr 21, 2018 at 8:51 AM, Jason Pickering <
jason.p.picker...@gmail.com> wrote:

> Just to try and make it a bit more clear Morten, I think this is the issue
> Rangarai is asking about is  below:
>
> In 2.29 and 2.28, an unauthorized username/password returns a 302.
>
> curl -I -u admin:distric -H 'Accept: application/json'
> https://play.dhis2.org/2.29/api/me
> HTTP/1.1 302
> Server: nginx/1.4.6 (Ubuntu)
> Date: Sat, 21 Apr 2018 06:44:10 GMT
> Content-Length: 0
> Connection: keep-alive
> X-XSS-Protection: 1; mode=block
> X-Frame-Options: SAMEORIGIN
> X-Content-Type-Options: nosniff
> Location: https://play.dhis2.org/2.29/dhis-web-commons/security/
> login.action
>
>
> In 2.27, this same request returns a 401.
>
> curl -I -u admin:distric -H 'Accept: application/json'
> https://play.dhis2.org/2.27/api/me
> HTTP/1.1 401
> Server: nginx/1.4.6 (Ubuntu)
> Date: Sat, 21 Apr 2018 06:44:27 GMT
> Content-Type: text/html;charset=utf-8
> Content-Length: 1071
> Connection: keep-alive
> X-XSS-Protection: 1; mode=block
> X-Frame-Options: SAMEORIGIN
> X-Content-Type-Options: nosniff
> Set-Cookie: JSESSIONID=05596EBFC26A7C1843D298E98619C7FB; Path=/2.27;
> HttpOnly
> WWW-Authenticate: Basic realm="DHIS2"
> Content-Language: en
>
>
> On Fri, Apr 20, 2018 at 1:40 PM, Rangarirai Matavire 
> wrote:
>
>> Hi Morten,
>>
>> The password is set wrong deliberately so as to get a 401 or other
>> response. The problem is when you set the wrong password or username you
>> get endless redirects from the API.
>>
>> Regards,
>>
>>
>> On Fri, Apr 20, 2018 at 1:24 PM, Morten Olav Hansen 
>> wrote:
>>
>>> It should be district, not distric... but also people keep changing our
>>> internal passwords (our database resets every 24 hour)
>>>
>>> --
>>> Morten Olav Hansen
>>> Senior Engineer, DHIS 2
>>> University of Oslo
>>> http://www.dhis2.org
>>>
>>> On Fri, Apr 20, 2018 at 12:09 PM, Rangarirai Matavire <
>>> matavi...@gmail.com> wrote:
>>>
 By the way, its not just the error response code that is worrying, but
 also the loop of redirects that starts, this makes it difficult to handle
 the response for an http client. To see this loop of redirects, you can add
 -L to curl as below.

 curl -I -L -u admin:distric -H 'Accept: application/json'
 https://play.dhis2.org/2.28/api/me

 I think this behaviour should be corrected as it may lead to unexpected
 behaviour of apps.

 Regards

 On Wed, Apr 18, 2018 at 11:10 PM, Rangarirai Matavire <
 matavi...@gmail.com> wrote:

> Hi Devs,
>
> I am wondering whether the behaviour I am seeing is a bug or something
> to be expected due to some change.
>
> When I run the following curl command:
>
> curl -I -u admin:distric -H 'Accept: application/json'
> https://play.dhis2.org/2.29/api/me
>
> I get an HTTP 302 response. Note that I have deliberately set the
> password wrong so I can mock a 401 unauthorized

Re: [Dhis2-devs] [Dhis2-users] Android tracker enrollement

2018-04-21 Thread Knut Staring

Hi Victor,

Could you clarify the meaning of " how can I  all  old enrollment  for an
org unit"?

Do you mean "how can I DELETE all existing enrollments for an orgunit"?

Knut

On Sat, Apr 21, 2018 at 11:30 AM, Victor Tabu  wrote:

> Hi Dear all,
>
>
>
> I am using android to collect data with tracker module, but I would like
> to know how can I  all  old enrollment  for an org unit, because the logic
> of my program is to enrolled once and create many instance in that
> enrollment.
>
> I am able to do it in my computer but not able to do it in android, thank
> in advance for your support
>
>
>
> Best regards
>
>
>
> 
> -
>
> *Victor TABU TSHIBAMBULA*
>
> Adminstrateur Gestionnaire du Système d’Information - Kinshasa
>
> Tel: + (243) 814784184 , VoIP : 243 0301 1096, E-mail: vt...@unicef.org,
> skype : vtabu
>
>
>
> *Fonds des Nations Unies pour l’Enfance*
>
> 372, avenue Colonel Mondiba, Kinshasa - Ngaliema
>
> Suivez nous sur Facebook , Twitter
> , Pona Bana  et
> http://www.unicef.org/ 
>
>
>
>
>
>
>
>
> [image: cid:image003.jpg@01D37EE0.B5EF0170]
>
>
>
>
>
> *From:* Dhis2-users [mailto:dhis2-users-bounces+vtabu=unicef.org@lists.
> launchpad.net] *On Behalf Of *Adebusoye Anifalaje
> *Sent:* Thursday, April 19, 2018 9:17 PM
> *To:* DHIS 2 Users list ; DHIS 2
> developers ; mahdi asgari <
> mahdi.asg...@gmail.com>
> *Subject:* Re: [Dhis2-users] WEB API Error in DHIS2.30
>
>
>
> Hi Mahdi,
>
> I am forwarding your request to the user list. This is the appropriate
> forum for asking these sort of questions.
>
>
>
> Best.
>
> Busoye.
>
>
>
> -- Forwarded message -
> From: mahdi asgari 
> Date: Thu, 19 Apr 2018 at 20:25
> Subject: WEB API Error in DHIS2.30
> To: 
>
>
>
> Hi dear adebusoye
>
> I am using dhis2 version 2.30, compiled from github (last version),
> When i try to create trackedEntity, i get the following error
> I seem's TrackedEntity has been removed from TrackedEntityInstance
> how i can fix the problem.
>
> ERROR:
> {"httpStatus":"Internal Server Error","httpStatusCode":500,"
> status":"ERROR","message":"Unrecognized field \"trackedEntity\" (class
> org.hisp.dhis.dxf2.events.trackedentity.TrackedEntityInstance), not
> marked as ignorable (14 known properties: \"trackedEntityInstance\",
> \"lastUpdatedAtClient\", \"lastUpdated\", \"createdAtClient\",
> \"trackedEntityType\", \"orgUnit\", \"inactive\", \"enrollments\",
> \"featureType\", \"attributes\", \"deleted\", \"relationships\",
> \"created\", \"coordinates\"])\n at [Source: {\"trackedEntityInstance\":
> \"IKjF4BZg3hb\",\"trackedEntity\": \"nEenWmSyUEp\",\"orgUnit\":
> \"iq6Pt6QzM4d\",\"trackedEntityType\": \"MCPQUTHX1Ze\",\"attributes\"
> :[{\"attribute\":\"spFvx9FndA4\",\"value\":\"53\"},{\"attribute\":\"
> w75KJ2mc4zz\",\"value\":\"\"},{\"attribute\":\"
> hqtiQfZ66yc\",\"value\":\"??\"},{\"attribute\":\"
> zDhUuAYrxNC\",\"value\":\"\"},{\"attribute\":\"
> AuPLng5hLbE\",\"value\":\"51961113\"},{\"attribute\":\"
> EO4ms2Ju3nf\",\"value\":\"1\"},{\"attribute\":\"gHGyrwKPzej\
> ",\"value\":\"2013-09-17\"},{\"attribute\":\"P2cwLGskgxn\",\
> "value\":\"123\"},{\"attribute\":\"Agywv2JGwuq\",\"
> value\":\"\"}],\"enrollments\":[{\"orgUnit\":
> \"iq6Pt6QzM4d\",\"program\": \"LaWt5AR1tfl\",\"enrollmentDate\":
> \"2013-09-17\",\"incidentDate\": \"2013-09-17\"}]}; line: 1, column: 59]
> (through reference chain: org.hisp.dhis.dxf2.events.trackedentity.
> TrackedEntityInstance[\"trackedEntity\"])"}
>
> JSON DATA:
> {"trackedEntityInstance": "IKjF4BZg3hb","orgUnit":
> "iq6Pt6QzM4d","trackedEntity":"lp7Kq6QzS4d","trackedEntityType":
> "MCPQUTHX1Ze","attributes":[{"attribute":"spFvx9FndA4","
> value":"53","attribute":"w75KJ2mc4zz","value":"","
> attribute":"hqtiQfZ66yc","value":"??","attribute":"
> zDhUuAYrxNC","value":"","attribute":"AuPLng5hLbE","
> value":"51961113","attribute":"EO4ms2Ju3nf","value":"1","
> attribute":"gHGyrwKPzej","value":"2013-09-17","attribute":"P2cwLGskgxn","
> value":"123","attribute":"Agywv2JGwuq","value":""}],"enrollments":[{"orgUnit":
> "iq6Pt6QzM4d","program": "LaWt5AR1tfl","enrollmentDate":
> "2013-09-17","incidentDate": "2013-09-17"}]}
>
> thanks in advanced
>
> --
>
> Forgive the typos. Using handheld device
>
> ___
> Mailing list: https://launchpad.net/~dhis2-users
> Post to : dhis2-us...@lists.launchpad.net
> Unsubscribe : https://launchpad.net/~dhis2-users
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
Knut Staring

Department of Information, Evidence and Research
World Health Organization, Geneva, Switzerland
Office: +41 22 791 3683 Mob1: +33 6 4434

Re: [Dhis2-devs] API not showing 401 Unauthorized error

2018-04-21 Thread Jason Pickering

Just to try and make it a bit more clear Morten, I think this is the issue
Rangarai is asking about is  below:

In 2.29 and 2.28, an unauthorized username/password returns a 302.

curl -I -u admin:distric -H 'Accept: application/json'
https://play.dhis2.org/2.29/api/me
HTTP/1.1 302
Server: nginx/1.4.6 (Ubuntu)
Date: Sat, 21 Apr 2018 06:44:10 GMT
Content-Length: 0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://play.dhis2.org/2.29/dhis-web-commons/security/login.action


In 2.27, this same request returns a 401.

curl -I -u admin:distric -H 'Accept: application/json'
https://play.dhis2.org/2.27/api/me
HTTP/1.1 401
Server: nginx/1.4.6 (Ubuntu)
Date: Sat, 21 Apr 2018 06:44:27 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 1071
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: JSESSIONID=05596EBFC26A7C1843D298E98619C7FB; Path=/2.27;
HttpOnly
WWW-Authenticate: Basic realm="DHIS2"
Content-Language: en


On Fri, Apr 20, 2018 at 1:40 PM, Rangarirai Matavire 
wrote:

> Hi Morten,
>
> The password is set wrong deliberately so as to get a 401 or other
> response. The problem is when you set the wrong password or username you
> get endless redirects from the API.
>
> Regards,
>
>
> On Fri, Apr 20, 2018 at 1:24 PM, Morten Olav Hansen 
> wrote:
>
>> It should be district, not distric... but also people keep changing our
>> internal passwords (our database resets every 24 hour)
>>
>> --
>> Morten Olav Hansen
>> Senior Engineer, DHIS 2
>> University of Oslo
>> http://www.dhis2.org
>>
>> On Fri, Apr 20, 2018 at 12:09 PM, Rangarirai Matavire <
>> matavi...@gmail.com> wrote:
>>
>>> By the way, its not just the error response code that is worrying, but
>>> also the loop of redirects that starts, this makes it difficult to handle
>>> the response for an http client. To see this loop of redirects, you can add
>>> -L to curl as below.
>>>
>>> curl -I -L -u admin:distric -H 'Accept: application/json'
>>> https://play.dhis2.org/2.28/api/me
>>>
>>> I think this behaviour should be corrected as it may lead to unexpected
>>> behaviour of apps.
>>>
>>> Regards
>>>
>>> On Wed, Apr 18, 2018 at 11:10 PM, Rangarirai Matavire <
>>> matavi...@gmail.com> wrote:
>>>
 Hi Devs,

 I am wondering whether the behaviour I am seeing is a bug or something
 to be expected due to some change.

 When I run the following curl command:

 curl -I -u admin:distric -H 'Accept: application/json'
 https://play.dhis2.org/2.29/api/me

 I get an HTTP 302 response. Note that I have deliberately set the
 password wrong so I can mock a 401 unauthorized response. I get the same
 response when I run the command on version 2.28. However, as expected, when
 I run it on 2.27, 2.26 etc I get a 401 HTTP response.

 I hope someone can assist.

 Regards,

 Ranga

>>>
>>>
>>> ___
>>> Mailing list: https://launchpad.net/~dhis2-devs
>>> Post to : dhis2-devs@lists.launchpad.net
>>> Unsubscribe : https://launchpad.net/~dhis2-devs
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>>
>>
>
> ___
> Mailing list: https://launchpad.net/~dhis2-devs
> Post to : dhis2-devs@lists.launchpad.net
> Unsubscribe : https://launchpad.net/~dhis2-devs
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
Jason P. Pickering
email: jason.p.picker...@gmail.com
tel:+46764147049
___
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help   : https://help.launchpad.net/ListHelp

Re: [Dhis2-devs] API not showing 401 Unauthorized error

Re: [Dhis2-devs] [Dhis2-users] Android tracker enrollement

Re: [Dhis2-devs] API not showing 401 Unauthorized error

3 matches

Site Navigation

Mail list logo

Footer information