search

Alfresco / alfresco-docker-installer

Generator to build Docker Compose templates to deploy Alfresco Community
Other
142 stars 57 forks source link

authentication with ticket not supported .. issue with nginx ? #207

Open meufeu opened 3 hours ago

meufeu commented 3 hours ago

Hi,

Thank you for the great work but I have an issue. I can retrieve a ticket with the old url http://localhost/alfresco/s/api/login?u=admin&pw=admin (I retrieve the same ticket with the new one)

But I cannot use it ..

I have another instance installed in the old way, without any docker, and working fine without any kind of special configuration. I saw taht nginx is not confured exactly in the same way . maybe the root cause ?

Thank you !

`[root@test-gedi alfresco]# curl 'http://localhost/alfresco/s/api/login?u=admin&pw=admin' <?xml version="1.0" encoding="UTF-8"?>

TICKET_e3ca707b79981e005ab387a0d76bb4ecb7a049ba

[root@test-gedi alfresco]# echo TICKET_e3ca707b79981e005ab387a0d76bb4ecb7a049ba | openssl base64 VElDS0VUX2UzY2E3MDdiNzk5ODFlMDA1YWIzODdhMGQ3NmJiNGVjYjdhMDQ5YmEK [root@test-gedi alfresco]# echo -n TICKET_e3ca707b79981e005ab387a0d76bb4ecb7a049ba | openssl base64 VElDS0VUX2UzY2E3MDdiNzk5ODFlMDA1YWIzODdhMGQ3NmJiNGVjYjdhMDQ5YmE= [root@test-gedi alfresco]# curl -s -v -H 'Accept: application/json' -H 'Authorization: Basic VElDS0VUX2UzY2E3MDdiNzk5ODFlMDA1YWIzODdhMGQ3NmJiNGVjYjdhMDQ5YmE=' -X GET "http://localhost/alfresco/api/-default-/public/alfresco/versions/1/nodes/-root-"

aborroy commented 3 hours ago

Not sure if I understand your question.

When using Basic Auth with the REST API you need to use user credentials (like admin:admin).

When using a Ticket for authentication, you need to use a parameter alf_ticket, like:

curl -s -v -H 'Accept: application/json' -X GET "http://localhost/alfresco/api/-default-/public/alfresco/versions/1/nodes/-root-?alf_ticket=TICKET_e3ca707b79981e005ab387a0d76bb4ecb7a049ba"

May you describe explicitly what is the request that is failing?

meufeu commented 3 hours ago

Thank for your answer

I'm refering to this page : https://docs.alfresco.com/content-services/latest/develop/rest-api-guide/install/ and this method is working great when I don't install with docker ..

giving alf_ticket as a parameter give the same result >> login failed

[root@test-gedi alfresco]# curl -s -v -H 'Accept: application/json' -X GET "http://localhost/alfresco/api/-default-/public/alfresco/versions/1/nodes/-root-?alf_ticket=TICKET_e3ca707b79981e005ab387a0d76bb4ecb7a049ba"
* About to connect() to localhost port 80 (#0)
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /alfresco/api/-default-/public/alfresco/versions/1/nodes/-root-?alf_ticket=TICKET_e3ca707b79981e005ab387a0d76bb4ecb7a049ba HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost
> Accept: application/json
>
< HTTP/1.1 401
< Server: nginx/1.24.0
< Date: Thu, 03 Oct 2024 13:56:52 GMT
< Content-Type: text/html;charset=UTF-8
< Content-Length: 80
< Connection: keep-alive
< Set-Cookie: JSESSIONID=2B3E8ECDC3BF49C1DF032C78F746E813; Path=/alfresco; HttpOnly
< WWW-Authenticate: Negotiate
<
<html><head>
</head><body><p>Login failed. Please try again.</p>
</body></html>
* Connection #0 to host localhost left intact
[root@test-gedi alfresco]#

but look, this is working on the same version but installed without docker 

[root@irfm-dev-gedi ~]# curl -s -v  -H 'Accept: application/json' -H 'Authorization: Basic VElDS0VUXzFlOGY0MzgyNDI5N2IwODNmMDQyYWE3OWEyY2M3NGU1MmFmZWEzZGE=' -X GET "http://localhost/alfresco/api/-default-/public/alfresco/versions/1/nodes/-root-"
* About to connect() to localhost port 80 (#0)
*   Trying ::1...
* Connexion refusée
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /alfresco/api/-default-/public/alfresco/versions/1/nodes/-root- HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost
> Accept: application/json
> Authorization: Basic VElDS0VUXzFlOGY0MzgyNDI5N2IwODNmMDQyYWE3OWEyY2M3NGU1MmFmZWEzZGE=
>
< HTTP/1.1 200
< Server: nginx/1.20.1
< Date: Thu, 03 Oct 2024 13:54:15 GMT
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Frame-Options: SAMEORIGIN
< Cache-Control: no-cache
< Expires: Thu, 01 Jan 1970 00:00:00 GMT
< Pragma: no-cache
<
* Connection #0 to host localhost left intact
{"entry":{"aspectNames":["cm:titled","cm:auditable","app:uifacets"],"createdAt":"2023-05-31T13:38:37.333+0000","isFolder":true,"isFile":false,"createdByUser":{"id":"System","displayName":"System"},"modifiedAt":"2024-03-15T10:16:04.025+0000","modifiedByUser":{"id":"Test","displayName":"test test"},"name":"Espace racine","id":"e76bef9a-c60f-43cd-b675-2f3d1cbc7e33","nodeType":"cm:folder","properties":{"cm:title":"Espace racine","cm:description":"Espace racine de la société","app:icon":"space-icon-default"}}}[root@irfm-dev-gedi ~]#
[root@irfm-dev-gedi ~]#
aborroy commented 3 hours ago

Again, I have no idea what you mean...

Put a single curl command that works with manual installation and fails with docker installation. Without verbose information, please. Just only response obtained and response expected.

Thanks.

meufeu commented 1 hour ago

well

curl -s -v -H 'Accept: application/json' -H 'Authorization: Basic VElDS0VUXzFlOGY0MzgyNDI5N2IwODNmMDQyYWE3OWEyY2M3NGU1MmFmZWEzZGE=' -X GET "http://localhost/alfresco/api/-default-/public/alfresco/versions/1/nodes/-root-"

works on another serverand give me results.

but on a docker installed I get an 401 error :

Login failed. Please try again.

It is not a matter of account because it's working with admin:admin, just not working with a ticket.

meufeu commented 1 hour ago

in the same way

this curl -s -v -H 'Accept: application/json' -X GET "http://localhost/alfresco/api/-default-/public/alfresco/versions/1/nodes/-root-?alf_ticket=TICKET_e3ca707b79981e005ab387a0d76bb4ecb7a049ba"

works perfectly on another server but failed with 401 error "login failed" on the docker based installation.