Details

      Description

      Using an eZ Publish installation with ezdemo without demo content, I tried to create a user session via the REST API using the following curl command:

      curl -X POST -i -H 'Accept: application/vnd.ez.api.Session+xml'  -H 'Content-Type: application/vnd.ez.api.SessionInput+xml' -d @admin.xml http://ezp5.dev.vagrant/api/ezp/v2/user/sessions
      

      and I have the admin.xml file on my installation root:

      <?xml version="1.0" encoding="UTF-8"?>
      <SessionInput>
         <login>admin</login>
         <password>publish</password>
      </SessionInput>
      

      On a master version everything went ok and I got the following Response, as expected:

      HTTP/1.1 201 Created
      Date: Wed, 04 Feb 2015 10:13:42 GMT
      Server: Apache/2.4.6 (CentOS) PHP/5.4.16
      X-Powered-By: PHP/5.4.16
      Set-Cookie: eZSESSID=2gj1v476ojn9ch9etjqrohmcg0; path=/
      Cache-Control: private
      Vary: Cookie,Authorization
      Content-Length: 390
      Content-Type: application/vnd.ez.api.Session+xml
       
      <?xml version="1.0" encoding="UTF-8"?>
      <Session media-type="application/vnd.ez.api.Session+xml" href="/api/ezp/v2/user/sessions/2gj1v476ojn9ch9etjqrohmcg0"><name>eZSESSID</name><identifier>2gj1v476ojn9ch9etjqrohmcg0</identifier><csrfToken>2amUd8mBtxJadVfNwhciR7rSJjmjwrGoPAiapszOo4E</csrfToken><User media-type="application/vnd.ez.api.User+xml" href="/api/ezp/v2/user/users/14"/></Session>
      

      but on a 5.4.2 I was trying to do the same and instead I got a Response:

      HTTP/1.1 401 Unauthorized
      Date: Wed, 04 Feb 2015 13:32:05 GMT
      Server: Apache/2.4.6 (CentOS) PHP/5.4.16
      X-Powered-By: PHP/5.4.16
      Cache-Control: private
      WWW-Authenticate: Basic realm="eZ Publish REST API"
      Vary: Cookie,Authorization
      Content-Length: 0
      Content-Type: text/html; charset=UTF-8
      

      Previously made sure all caches and sessions were cleared.
      Info I followed for the curl command:
      https://github.com/ezsystems/ezpublish-kernel/blob/master/doc/specifications/rest/REST-API-V2.rst#basic-authentication

        Issue Links

          Activity

          Hide
          Damien Pobel (Inactive) added a comment - - edited

          It's because the default REST authentication method has changed. It's now session, it was basic auth 5.4 and before.

          There's already a doc issue for that https://jira.ez.no/browse/EZP-23857

          Show
          Damien Pobel (Inactive) added a comment - - edited It's because the default REST authentication method has changed. It's now session, it was basic auth 5.4 and before. There's already a doc issue for that https://jira.ez.no/browse/EZP-23857

            People

            • Assignee:
              Unassigned
              Reporter:
              Rui Silva (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: