(Migrated) UNAUTHORIZED public API response with admin.invoke user

(This message has been automatically imported from the retired mailing list)

I’m wondering why I’m seeing UNAUTHORIZED while trying to invoke the Zato
Public API using cUrl?

zato@ocx:~$ secret=$(grep INVOKE_PASS
/opt/zato/env/qs-1/web-admin/config/repo/web-admin.conf|gawk -F ‘"’ ‘{print
$4}’)

zato@ocx:~$ echo $secret

bG+d4LHWV…fsXs7e+Ovr70=

zato@ocx:~$ invokepass=$(zato decrypt --secret $secret
./env/qs-1/web-admin/config/repo/web-admin-priv-key.pem|gawk -F ‘[’ ‘{print
$2}’|gawk -F ‘]’ ‘{print $1}’)

zato@ocx:~$ echo $invokepass

2eb…7059

zato@ocx:~$ curl --user admin.invoke:$invokepass
http://my-public-ip:11223/zato/json/zato.kvdb.data-dict.dictionary.get-list

{“zato_env”: {“details”: “UNAUTHORIZED
path_info:[/zato/json/zato.kvdb.data-dict.dictionary.get-list],
cid:[K0459VBWWPH6SPHB619EJAT6Y34X], sec-wall code:[0004.0003],
description:[]\n”, “result”: “ZATO_ERROR”, “cid”:
“K0459VBWWPH6SPHB619EJAT6Y34X”}}

Thanks!

bigale

On 29/09/15 13:55, Alex Everitt wrote:

I’m wondering why I’m seeing UNAUTHORIZED while trying to invoke the
Zato Public API using cUrl?

Hi Alex,

can you please:

  • stop servers
  • open server.conf files
  • set misc.return_internal_objects to True
  • start them back
  • visit the HTTP channels page in web-admin which now will list internal
    ones as well
  • confirm which security definition is securing the URL path you’re invoking
  • use that security definition’s credentials then?

thanks a lot,