Details
-
Bug
-
Resolution: Duplicate
-
High
-
5.4.2
-
None
Description
Using an eZ Publish installation with ezdemo without demo content, I tried to create a user session via the REST API using the following curl command:
curl -X POST -i -H 'Accept: application/vnd.ez.api.Session+xml' -H 'Content-Type: application/vnd.ez.api.SessionInput+xml' -d @admin.xml http://ezp5.dev.vagrant/api/ezp/v2/user/sessions
and I have the admin.xml file on my installation root:
<?xml version="1.0" encoding="UTF-8"?> <SessionInput> <login>admin</login> <password>publish</password> </SessionInput>
On a master version everything went ok and I got the following Response, as expected:
HTTP/1.1 201 Created Date: Wed, 04 Feb 2015 10:13:42 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Set-Cookie: eZSESSID=2gj1v476ojn9ch9etjqrohmcg0; path=/ Cache-Control: private Vary: Cookie,Authorization Content-Length: 390 Content-Type: application/vnd.ez.api.Session+xml <?xml version="1.0" encoding="UTF-8"?> <Session media-type="application/vnd.ez.api.Session+xml" href="/api/ezp/v2/user/sessions/2gj1v476ojn9ch9etjqrohmcg0"><name>eZSESSID</name><identifier>2gj1v476ojn9ch9etjqrohmcg0</identifier><csrfToken>2amUd8mBtxJadVfNwhciR7rSJjmjwrGoPAiapszOo4E</csrfToken><User media-type="application/vnd.ez.api.User+xml" href="/api/ezp/v2/user/users/14"/></Session>
but on a 5.4.2 I was trying to do the same and instead I got a Response:
HTTP/1.1 401 Unauthorized Date: Wed, 04 Feb 2015 13:32:05 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Cache-Control: private WWW-Authenticate: Basic realm="eZ Publish REST API" Vary: Cookie,Authorization Content-Length: 0 Content-Type: text/html; charset=UTF-8
Previously made sure all caches and sessions were cleared.
Info I followed for the curl command:
https://github.com/ezsystems/ezpublish-kernel/blob/master/doc/specifications/rest/REST-API-V2.rst#basic-authentication