Can i authenticate myself as an admin using the RESTful API (in java code)?


#1

As per subject. So that I can do the operations just like users on the web
UI?
Thanks
Dikang


#2

Sure - you need to just create a new client credential, and then set
it to be an administrator.

See the ‘register’ and ‘authenticate’ methods here:

Adam

On Mon, Oct 19, 2009 at 3:02 AM, Dikang Gu dikang85@gmail.com wrote:

As per subject. So that I can do the operations just like users on the web
UI?
Thanks
Dikang


Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com


#3

Thank you Adam!
And after the authentication, will I get any information (like some tokens),
that I will use in the http call? To tell the chef-server that I have been
authenticated?

Thanks
Dikang

On Tue, Oct 20, 2009 at 2:25 AM, Adam Jacob adam@opscode.com wrote:

Sure - you need to just create a new client credential, and then set
it to be an administrator.

See the ‘register’ and ‘authenticate’ methods here:

http://gist.github.com/100837

Adam

On Mon, Oct 19, 2009 at 3:02 AM, Dikang Gu dikang85@gmail.com wrote:

As per subject. So that I can do the operations just like users on the
web
UI?
Thanks
Dikang


Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com


#4

please refer to my mail: “A problem when implementing the java client of
chef”.

On Tue, Oct 20, 2009 at 11:32 AM, Dikang Gu dikang85@gmail.com wrote:

Thank you Adam!
And after the authentication, will I get any information (like some
tokens), that I will use in the http call? To tell the chef-server that I
have been authenticated?

Thanks
Dikang

On Tue, Oct 20, 2009 at 2:25 AM, Adam Jacob adam@opscode.com wrote:

Sure - you need to just create a new client credential, and then set
it to be an administrator.

See the ‘register’ and ‘authenticate’ methods here:

http://gist.github.com/100837

Adam

On Mon, Oct 19, 2009 at 3:02 AM, Dikang Gu dikang85@gmail.com wrote:

As per subject. So that I can do the operations just like users on the
web
UI?
Thanks
Dikang


Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com


#5

Hi,

On 20/10/2009, at 4:37 PM, Dikang Gu wrote:

please refer to my mail: “A problem when implementing the java
client of chef”.

As per the Knife snippet, Chef::Rest#authenticate is called - http://github.com/opscode/chef/blob/master/chef/lib/chef/rest.rb#L65-76

 def authenticate(user, pass)
   Chef::Log.debug("Authenticating #{user} via openid")
   response = post_rest('openid/consumer/start', {
     "openid_identifier" => "#{Chef::Config[:openid_url]}/openid/ 

server/node/#{user}",
“submit” => “Verify”
})
post_rest(
"#{Chef::Config[:openid_url]}#{response[“action”]}",
{ “password” => pass }
)
end
Shouldn’t be too hard to port that over to Java. You’ll need to
persist and use the cookie in subsequent authentication-required calls
to the Chef Server [handled internally by Chef::Rest for the ruby
client].

HTH!

On Tue, Oct 20, 2009 at 11:32 AM, Dikang Gu dikang85@gmail.com
wrote:
Thank you Adam!

And after the authentication, will I get any information (like some
tokens), that I will use in the http call? To tell the chef-server
that I have been authenticated?

Thanks
Dikang

On Tue, Oct 20, 2009 at 2:25 AM, Adam Jacob adam@opscode.com wrote:
Sure - you need to just create a new client credential, and then set
it to be an administrator.

See the ‘register’ and ‘authenticate’ methods here:

http://gist.github.com/100837

Adam

On Mon, Oct 19, 2009 at 3:02 AM, Dikang Gu dikang85@gmail.com wrote:

As per subject. So that I can do the operations just like users on
the web
UI?
Thanks
Dikang


Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com


Arjuna Christensen, Software Development Engineer
Opscode, Inc.
E: aj@opscode.com


#6

Hi Arjuna,

Thank you for your information!

Yes, I have converted the ruby authenticate code to java, and used the
cookie in subsequent calls to Chef Server, but I still have the 401 error. I
attach some of the debug log, could you help me to talk a look at it,
please?

Thanks
Dikang

2009-10-20 12:01:58,705 DEBUG [httpclient.wire.header] - <>> “POST
/openid/server/decision HTTP/1.1[\r][\n]”>
2009-10-20 12:01:58,705 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,705 DEBUG [httpclient.wire.header] - <>> “Accept:
application/json[\r][\n]”>
2009-10-20 12:01:58,705 DEBUG [httpclient.wire.header] - <>> “Content-Type:
application/json[\r][\n]”>
2009-10-20 12:01:58,706 DEBUG [httpclient.wire.header] - <>> “Cookie:
_chef_server_session_id=BAh7CCIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnRvOiJPcGVuSUQ6Ok9wZW5JRFNlcnZpY2VFbmRwb2ludAw6DkBsb2NhbF9p%250AZDA6GEBkaXNwbGF5X2lkZW50aWZpZXIwOg9AdHlwZV91cmlzWwciLGh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wL3NpZ25vbiIhaHR0cDovL29w%250AZW5pZC5uZXQvc2lnbm9uLzEuMDoQQHVzZWRfeWFkaXNUOhBAc2VydmVyX3Vy%250AbCIoaHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXI6EkBjYW5v%250AbmljYWxfaWQwOhBAY2xhaW1lZF9pZCI8aHR0cDovL2xvY2FsaG9zdDo0MDAx%250AL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCI9T3BlbklEOjpD%250Ab25zdW1lcjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVy%250AOjpvOilPcGVuSUQ6OkNvbnN1bWVyOjpEaXNjb3ZlcmVkU2VydmljZXMJOg1A%250AY3VycmVudEAHOg5Ac2VydmljZXNbADoSQHN0YXJ0aW5nX3VybCI8aHR0cDov%250AL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxh%250AcHRvcDoPQHlhZGlzX3VybCI8aHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5p%250AZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCIQbGFzdF9vaWRyZXFvOiNP%250AcGVuSUQ6OlNlcnZlcjo6Q2hlY2tJRFJlcXVlc3QOOg9AaW1tZWRpYXRlRjoO%250AQGlkZW50aXR5IjxodHRwOi8vbG9jYWxob3N0OjQwMDEvb3BlbmlkL3NlcnZl%250Aci9ub2RlL3N0ZXBoZW4tbGFwdG9wOhFAb3BfZW5kcG9pbnQiKGh0dHA6Ly9s%250Ab2NhbGhvc3Q6NDAwMS9vcGVuaWQvc2VydmVyOhBAdHJ1c3Rfcm9vdCIqaHR0%250AcDovL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25zdW1lcjoNQG1lc3NhZ2Vv%250AOhRPcGVuSUQ6Ok1lc3NhZ2UIOhNAb3BlbmlkX25zX3VyaSIlaHR0cDovL3Nw%250AZWNzLm9wZW5pZC5uZXQvYXV0aC8yLjA6EEBuYW1lc3BhY2VzbzoZT3BlbklE%250AOjpOYW1lc3BhY2VNYXAIOhhAbmFtZXNwYWNlX3RvX2FsaWFzewYiJWh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wOhNudWxsX25hbWVzcGFjZToY%250AQGFsaWFzX3RvX25hbWVzcGFjZXsGOx1AGDoZQGltcGxpY2l0X25hbWVzcGFj%250AZXNbADoKQGFyZ3N7C1sHQBgiCW1vZGUiEmNoZWNraWRfc2V0dXBbB0AYIg9j%250AbGFpbWVkX2lkIjxodHRwOi8vbG9jYWxob3N0OjQwMDEvb3BlbmlkL3NlcnZl%250Aci9ub2RlL3N0ZXBoZW4tbGFwdG9wWwdAGCIRYXNzb2NfaGFuZGxlIiR7SE1B%250AQy1TSEExfXs0YWQyZDE0M317OXduUHpnPT19WwdAGCIOcmV0dXJuX3RvIjNo%250AdHRwOi8vbG9jYWxob3N0OjQwMDAvb3BlbmlkL2NvbnN1bWVyL2NvbXBsZXRl%250AWwdAGCIKcmVhbG1AFlsHQBgiDWlkZW50aXR5QBQ6EkBhc3NvY19oYW5kbGVA%250AJzoPQHJldHVybl90b0AqOwxAJDoKQG1vZGUiEmNoZWNraWRfc2V0dXA%253D–84e991d308ee059a6983fe0db0c5c99654f412c4;
path=/;[\r][\n]”>
2009-10-20 12:01:58,710 DEBUG [httpclient.wire.header] - <>> “User-Agent:
Jakarta Commons-HttpClient/3.1[\r][\n]”>
2009-10-20 12:01:58,710 DEBUG [httpclient.wire.header] - <>> “Host:
localhost:4001[\r][\n]”>
2009-10-20 12:01:58,710 DEBUG [httpclient.wire.header] - <>>
“Content-Length: 20[\r][\n]”>
2009-10-20 12:01:58,711 DEBUG [httpclient.wire.header] - <>> “[\r][\n]”>
2009-10-20 12:01:58,711 DEBUG [httpclient.wire.content] - <>>
"{“password”:“12345”}">
2009-10-20 12:01:58,753 DEBUG
[org.apache.commons.httpclient.methods.EntityEnclosingMethod] -
2009-10-20 12:01:58,754 DEBUG [httpclient.wire.header] - <<< “HTTP/1.1 302
Moved Temporarily[\r][\n]”>
2009-10-20 12:01:58,754 DEBUG [httpclient.wire.header] - <<< “HTTP/1.1 302
Moved Temporarily[\r][\n]”>
2009-10-20 12:01:58,754 DEBUG [httpclient.wire.header] - <<< “Connection:
close[\r][\n]”>
2009-10-20 12:01:58,754 DEBUG [httpclient.wire.header] - <<< “Date: Tue, 20
Oct 2009 04:01:58 GMT[\r][\n]”>
2009-10-20 12:01:58,757 DEBUG [httpclient.wire.header] - <<< “Location:
http://localhost:4000/openid/consumer/complete?openid.assoc_handle={HMAC-SHA1}{4ad2d143}{9wnPzg%3D%3D}&openid.claimed_id=http%3A%2F%2Flocalhost%3A4001%2Fopenid%2Fserver%2Fnode%2Fstephen-laptop&openid.identity=http%3A%2F%2Flocalhost%3A4001%2Fopenid%2Fserver%2Fnode%2Fstephen-laptop&openid.mode=id_res&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.op_endpoint=http%3A%2F%2Flocalhost%3A4001%2Fopenid%2Fserver&openid.response_nonce=2009-10-20T04%3A01%3A58Zr8XZqF&openid.return_to=http%3A%2F%2Flocalhost%3A4000%2Fopenid%2Fconsumer%2Fcomplete&openid.sig=wrJQBh2gKjiSqEcTTsLVvbQl2vI%3D&openid.signed=assoc_handle%2Cclaimed_id%2Cidentity%2Cmode%2Cns%2Cop_endpoint%2Cresponse_nonce%2Creturn_to%2Csigned[
\r][\n]”>
2009-10-20 12:01:58,757 DEBUG [httpclient.wire.header] - <<< “Content-Type:
text/html; charset=utf-8[\r][\n]”>
2009-10-20 12:01:58,762 DEBUG [httpclient.wire.header] - <<< “Set-Cookie:
_chef_server_session_id=BAh7CSIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnRvOiJPcGVuSUQ6Ok9wZW5JRFNlcnZpY2VFbmRwb2ludAw6DkBsb2NhbF9p%250AZDA6GEBkaXNwbGF5X2lkZW50aWZpZXIwOg9AdHlwZV91cmlzWwciLGh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wL3NpZ25vbiIhaHR0cDovL29w%250AZW5pZC5uZXQvc2lnbm9uLzEuMDoQQHVzZWRfeWFkaXNUOhBAc2VydmVyX3Vy%250AbCIoaHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXI6EkBjYW5v%250AbmljYWxfaWQwOhBAY2xhaW1lZF9pZCI8aHR0cDovL2xvY2FsaG9zdDo0MDAx%250AL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCI9T3BlbklEOjpD%250Ab25zdW1lcjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVy%250AOjpvOilPcGVuSUQ6OkNvbnN1bWVyOjpEaXNjb3ZlcmVkU2VydmljZXMJOg1A%250AY3VycmVudEAHOg5Ac2VydmljZXNbADoSQHN0YXJ0aW5nX3VybCI8aHR0cDov%250AL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxh%250AcHRvcDoPQHlhZGlzX3VybCI8aHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5p%250AZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCIQbGFzdF9vaWRyZXEwIg5h%250AcHByb3ZhbHNbBiIqaHR0cDovL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25z%250AdW1lcg%253D%253D–0a8963d9657dc8f45ad2075472b9da36644680f4;
path=/;[\r][\n]”>
2009-10-20 12:01:58,779 DEBUG [httpclient.wire.header] - <<<
“Content-Length: 785[\r][\n]”>
2009-10-20 12:01:58,779 DEBUG [httpclient.wire.header] - <<< “[\r][\n]”>
2009-10-20 12:01:58,779 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

  • <Cookie accepted: “$Version=0;
    _chef_server_session_id=BAh7CSIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnRvOiJPcGVuSUQ6Ok9wZW5JRFNlcnZpY2VFbmRwb2ludAw6DkBsb2NhbF9p%250AZDA6GEBkaXNwbGF5X2lkZW50aWZpZXIwOg9AdHlwZV91cmlzWwciLGh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wL3NpZ25vbiIhaHR0cDovL29w%250AZW5pZC5uZXQvc2lnbm9uLzEuMDoQQHVzZWRfeWFkaXNUOhBAc2VydmVyX3Vy%250AbCIoaHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXI6EkBjYW5v%250AbmljYWxfaWQwOhBAY2xhaW1lZF9pZCI8aHR0cDovL2xvY2FsaG9zdDo0MDAx%250AL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCI9T3BlbklEOjpD%250Ab25zdW1lcjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVy%250AOjpvOilPcGVuSUQ6OkNvbnN1bWVyOjpEaXNjb3ZlcmVkU2VydmljZXMJOg1A%250AY3VycmVudEAHOg5Ac2VydmljZXNbADoSQHN0YXJ0aW5nX3VybCI8aHR0cDov%250AL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxh%250AcHRvcDoPQHlhZGlzX3VybCI8aHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5p%250AZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCIQbGFzdF9vaWRyZXEwIg5h%250AcHByb3ZhbHNbBiIqaHR0cDovL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25z%250AdW1lcg%253D%253D–0a8963d9657dc8f45ad2075472b9da36644680f4;
    $Path=/”>
    2009-10-20 12:01:58,780 DEBUG
    [org.apache.commons.httpclient.HttpMethodDirector] -
    2009-10-20 12:01:58,780 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,780 DEBUG [httpclient.wire.content] - <<<
“You are being redirected.”>
2009-10-20 12:01:58,780 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,780 DEBUG [org.apache.commons.httpclient.HttpConnection]

2009-10-20 12:01:58,781 DEBUG [org.apache.commons.httpclient.HttpConnection]

2009-10-20 12:01:58,781 DEBUG [httpclient.wire.header] - <>> “GET
/openid/consumer/complete?openid.assoc_handle=%7BHMAC-SHA1%7D%7B4ad2d143%7D%7B9wnPzg%3D%3D%7D&openid.claimed_id=http%3A%2F%2Flocalhost%3A4001%2Fopenid%2Fserver%2Fnode%2Fstephen-laptop&openid.identity=http%3A%2F%2Flocalhost%3A4001%2Fopenid%2Fserver%2Fnode%2Fstephen-laptop&openid.mode=id_res&openid.ns=http%3A%2F%
2Fspecs.openid.net%2Fauth%2F2.0&openid.op_endpoint=http%3A%2F%2Flocalhost%3A4001%2Fopenid%2Fserver&openid.response_nonce=2009-10-20T04%3A01%3A58Zr8XZqF&openid.return_to=http%3A%2F%2Flocalhost%3A4000%2Fopenid%2Fconsumer%2Fcomplete&openid.sig=wrJQBh2gKjiSqEcTTsLVvbQl2vI%3D&openid.signed=assoc_handle%2Cclaimed_id%2Cidentity%2Cmode%2Cns%2Cop_endpoint%2Cresponse_nonce%2Creturn_to%2Csigned
HTTP/1.1[\r][\n]”>
2009-10-20 12:01:58,782 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,782 DEBUG [httpclient.wire.header] - <>> “Accept:
application/json[\r][\n]”>
2009-10-20 12:01:58,782 DEBUG [httpclient.wire.header] - <>> “Content-Type:
application/json[\r][\n]”>
2009-10-20 12:01:58,782 DEBUG [httpclient.wire.header] - <>> “Cookie:
_chef_server_session_id=BAh7CSIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnRvOiJPcGVuSUQ6Ok9wZW5JRFNlcnZpY2VFbmRwb2ludAw6DkBsb2NhbF9p%250AZDA6GEBkaXNwbGF5X2lkZW50aWZpZXIwOg9AdHlwZV91cmlzWwciLGh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wL3NpZ25vbiIhaHR0cDovL29w%250AZW5pZC5uZXQvc2lnbm9uLzEuMDoQQHVzZWRfeWFkaXNUOhBAc2VydmVyX3Vy%250AbCIoaHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXI6EkBjYW5v%250AbmljYWxfaWQwOhBAY2xhaW1lZF9pZCI8aHR0cDovL2xvY2FsaG9zdDo0MDAx%250AL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCI9T3BlbklEOjpD%250Ab25zdW1lcjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVy%250AOjpvOilPcGVuSUQ6OkNvbnN1bWVyOjpEaXNjb3ZlcmVkU2VydmljZXMJOg1A%250AY3VycmVudEAHOg5Ac2VydmljZXNbADoSQHN0YXJ0aW5nX3VybCI8aHR0cDov%250AL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxh%250AcHRvcDoPQHlhZGlzX3VybCI8aHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5p%250AZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCIQbGFzdF9vaWRyZXEwIg5h%250AcHByb3ZhbHNbBiIqaHR0cDovL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25z%250AdW1lcg%253D%253D–0a8963d9657dc8f45ad2075472b9da36644680f4;
path=/;[\r][\n]”>
2009-10-20 12:01:58,782 DEBUG [httpclient.wire.header] - <>> “User-Agent:
Jakarta Commons-HttpClient/3.1[\r][\n]”>
2009-10-20 12:01:58,782 DEBUG [httpclient.wire.header] - <>> “Host:
localhost:4000[\r][\n]”>
2009-10-20 12:01:58,782 DEBUG [httpclient.wire.header] - <>> “[\r][\n]”>
2009-10-20 12:01:58,797 DEBUG [httpclient.wire.header] - <<< “HTTP/1.1 302
Moved Temporarily[\r][\n]”>
2009-10-20 12:01:58,797 DEBUG [httpclient.wire.header] - <<< “HTTP/1.1 302
Moved Temporarily[\r][\n]”>
2009-10-20 12:01:58,798 DEBUG [httpclient.wire.header] - <<< “Connection:
close[\r][\n]”>
2009-10-20 12:01:58,798 DEBUG [httpclient.wire.header] - <<< “Date: Tue, 20
Oct 2009 04:01:58 GMT[\r][\n]”>
2009-10-20 12:01:58,798 DEBUG [httpclient.wire.header] - <<< “Location:
http://localhost:4000/nodes[\r][\n]”>
2009-10-20 12:01:58,798 DEBUG [httpclient.wire.header] - <<< “Content-Type:
text/html; charset=utf-8[\r][\n]”>
2009-10-20 12:01:58,799 DEBUG [httpclient.wire.header] - <<< “Set-Cookie:
_chef_server_session_id=BAh7DSIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnQwIg5yZXR1cm5fdG8wIgpsZXZlbDoJbm9kZSI9T3BlbklEOjpDb25zdW1l%250Acjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVyOjowIg5u%250Ab2RlX25hbWUiE3N0ZXBoZW4tbGFwdG9wIg5hcHByb3ZhbHNbBiIqaHR0cDov%250AL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25zdW1lciIQbGFzdF9vaWRyZXEw%250AIgtvcGVuaWQiPGh0dHA6Ly9sb2NhbGhvc3Q6NDAwMS9vcGVuaWQvc2VydmVy%250AL25vZGUvc3RlcGhlbi1sYXB0b3A%253D–ea8d870e8fb41c144918c019d6e4730a8b88bba4;
path=/;[\r][\n]”>
2009-10-20 12:01:58,799 DEBUG [httpclient.wire.header] - <<<
“Content-Length: 82[\r][\n]”>
2009-10-20 12:01:58,799 DEBUG [httpclient.wire.header] - <<< “[\r][\n]”>
2009-10-20 12:01:58,799 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

  • <Cookie accepted: “$Version=0;
    _chef_server_session_id=BAh7DSIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnQwIg5yZXR1cm5fdG8wIgpsZXZlbDoJbm9kZSI9T3BlbklEOjpDb25zdW1l%250Acjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVyOjowIg5u%250Ab2RlX25hbWUiE3N0ZXBoZW4tbGFwdG9wIg5hcHByb3ZhbHNbBiIqaHR0cDov%250AL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25zdW1lciIQbGFzdF9vaWRyZXEw%250AIgtvcGVuaWQiPGh0dHA6Ly9sb2NhbGhvc3Q6NDAwMS9vcGVuaWQvc2VydmVy%250AL25vZGUvc3RlcGhlbi1sYXB0b3A%253D–ea8d870e8fb41c144918c019d6e4730a8b88bba4;
    $Path=/”>
    2009-10-20 12:01:58,799 DEBUG
    [org.apache.commons.httpclient.HttpMethodDirector] -
    2009-10-20 12:01:58,799 DEBUG
    [org.apache.commons.httpclient.HttpMethodDirector] - <Redirect requested to
    location ‘http://localhost:4000/nodes’>
    2009-10-20 12:01:58,800 DEBUG
    [org.apache.commons.httpclient.HttpMethodDirector] - <Redirecting from ‘
    http://localhost:4000/openid/consumer/complete’ to '
    http://localhost:4000/nodes>
    2009-10-20 12:01:58,800 DEBUG
    [org.apache.commons.httpclient.HttpMethodDirector] - <Execute redirect 1 of
    100>
    2009-10-20 12:01:58,800 DEBUG [httpclient.wire.content] - <<< “Verification
    of http://localhost:4001/openid/server/node/stephen-laptop succeeded.”>
    2009-10-20 12:01:58,800 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,800 DEBUG [org.apache.commons.httpclient.HttpConnection]

  • <Connection is locked. Call to releaseConnection() ignored.>
    2009-10-20 12:01:58,800 DEBUG [org.apache.commons.httpclient.HttpConnection]

2009-10-20 12:01:58,800 DEBUG [httpclient.wire.header] - <>> “GET /nodes
HTTP/1.1[\r][\n]”>
2009-10-20 12:01:58,800 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,801 DEBUG [httpclient.wire.header] - <>> “Accept:
application/json[\r][\n]”>
2009-10-20 12:01:58,801 DEBUG [httpclient.wire.header] - <>> “Content-Type:
application/json[\r][\n]”>
2009-10-20 12:01:58,801 DEBUG [httpclient.wire.header] - <>> “Cookie:
_chef_server_session_id=BAh7CSIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnRvOiJPcGVuSUQ6Ok9wZW5JRFNlcnZpY2VFbmRwb2ludAw6DkBsb2NhbF9p%250AZDA6GEBkaXNwbGF5X2lkZW50aWZpZXIwOg9AdHlwZV91cmlzWwciLGh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wL3NpZ25vbiIhaHR0cDovL29w%250AZW5pZC5uZXQvc2lnbm9uLzEuMDoQQHVzZWRfeWFkaXNUOhBAc2VydmVyX3Vy%250AbCIoaHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXI6EkBjYW5v%250AbmljYWxfaWQwOhBAY2xhaW1lZF9pZCI8aHR0cDovL2xvY2FsaG9zdDo0MDAx%250AL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCI9T3BlbklEOjpD%250Ab25zdW1lcjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVy%250AOjpvOilPcGVuSUQ6OkNvbnN1bWVyOjpEaXNjb3ZlcmVkU2VydmljZXMJOg1A%250AY3VycmVudEAHOg5Ac2VydmljZXNbADoSQHN0YXJ0aW5nX3VybCI8aHR0cDov%250AL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxh%250AcHRvcDoPQHlhZGlzX3VybCI8aHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5p%250AZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCIQbGFzdF9vaWRyZXEwIg5h%250AcHByb3ZhbHNbBiIqaHR0cDovL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25z%250AdW1lcg%253D%253D–0a8963d9657dc8f45ad2075472b9da36644680f4;
path=/;[\r][\n]”>
2009-10-20 12:01:58,801 DEBUG [httpclient.wire.header] - <>> “User-Agent:
Jakarta Commons-HttpClient/3.1[\r][\n]”>
2009-10-20 12:01:58,802 DEBUG [httpclient.wire.header] - <>> “Host:
localhost:4000[\r][\n]”>
2009-10-20 12:01:58,802 DEBUG [httpclient.wire.header] - <>> “Cookie:
$Version=0;
_chef_server_session_id=BAh7DSIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnQwIg5yZXR1cm5fdG8wIgpsZXZlbDoJbm9kZSI9T3BlbklEOjpDb25zdW1l%250Acjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVyOjowIg5u%250Ab2RlX25hbWUiE3N0ZXBoZW4tbGFwdG9wIg5hcHByb3ZhbHNbBiIqaHR0cDov%250AL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25zdW1lciIQbGFzdF9vaWRyZXEw%250AIgtvcGVuaWQiPGh0dHA6Ly9sb2NhbGhvc3Q6NDAwMS9vcGVuaWQvc2VydmVy%250AL25vZGUvc3RlcGhlbi1sYXB0b3A%253D–ea8d870e8fb41c144918c019d6e4730a8b88bba4;
$Path=/[\r][\n]”>
2009-10-20 12:01:58,802 DEBUG [httpclient.wire.header] - <>> “[\r][\n]”>
2009-10-20 12:01:58,871 DEBUG [httpclient.wire.header] - <<< “HTTP/1.1 200
OK[\r][\n]”>
2009-10-20 12:01:58,871 DEBUG [httpclient.wire.header] - <<< “HTTP/1.1 200
OK[\r][\n]”>
2009-10-20 12:01:58,871 DEBUG [httpclient.wire.header] - <<< “Connection:
close[\r][\n]”>
2009-10-20 12:01:58,871 DEBUG [httpclient.wire.header] - <<< “Date: Tue, 20
Oct 2009 04:01:58 GMT[\r][\n]”>
2009-10-20 12:01:58,871 DEBUG [httpclient.wire.header] - <<< “Content-Type:
application/json; charset=utf-8[\r][\n]”>
2009-10-20 12:01:58,871 DEBUG [httpclient.wire.header] - <<<
“Content-Length: 96[\r][\n]”>
2009-10-20 12:01:58,871 DEBUG [httpclient.wire.header] - <<< “[\r][\n]”>
2009-10-20 12:01:58,871 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,871 DEBUG [httpclient.wire.content] - <<<
"["http://localhost:4000/nodes/stephen-laptop",“http://localhost:4000/nodes/test_laptop”]">
2009-10-20 12:01:58,871 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,871 DEBUG [org.apache.commons.httpclient.HttpConnection]

2009-10-20 12:01:58,872 DEBUG [org.apache.commons.httpclient.HttpConnection]

2009-10-20 12:01:58,872 DEBUG [httpclient.wire.header] - <>> “GET
/nodes/stephen-laptop HTTP/1.1[\r][\n]”> ---- errors in this call
2009-10-20 12:01:58,872 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,872 DEBUG [httpclient.wire.header] - <>> “Accept:
application/json[\r][\n]”>
2009-10-20 12:01:58,872 DEBUG [httpclient.wire.header] - <>> “Content-Type:
application/json[\r][\n]”>
2009-10-20 12:01:58,872 DEBUG [httpclient.wire.header] - <>> “Cookie:
_chef_server_session_id=BAh7CSIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnRvOiJPcGVuSUQ6Ok9wZW5JRFNlcnZpY2VFbmRwb2ludAw6DkBsb2NhbF9p%250AZDA6GEBkaXNwbGF5X2lkZW50aWZpZXIwOg9AdHlwZV91cmlzWwciLGh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wL3NpZ25vbiIhaHR0cDovL29w%250AZW5pZC5uZXQvc2lnbm9uLzEuMDoQQHVzZWRfeWFkaXNUOhBAc2VydmVyX3Vy%250AbCIoaHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXI6EkBjYW5v%250AbmljYWxfaWQwOhBAY2xhaW1lZF9pZCI8aHR0cDovL2xvY2FsaG9zdDo0MDAx%250AL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCI9T3BlbklEOjpD%250Ab25zdW1lcjo6RGlzY292ZXJlZFNlcnZpY2VzOjpPcGVuSUQ6OkNvbnN1bWVy%250AOjpvOilPcGVuSUQ6OkNvbnN1bWVyOjpEaXNjb3ZlcmVkU2VydmljZXMJOg1A%250AY3VycmVudEAHOg5Ac2VydmljZXNbADoSQHN0YXJ0aW5nX3VybCI8aHR0cDov%250AL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxh%250AcHRvcDoPQHlhZGlzX3VybCI8aHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5p%250AZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCIQbGFzdF9vaWRyZXEwIg5h%250AcHByb3ZhbHNbBiIqaHR0cDovL2xvY2FsaG9zdDo0MDAwL29wZW5pZC9jb25z%250AdW1lcg%253D%253D–0a8963d9657dc8f45ad2075472b9da36644680f4;
path=/;[\r][\n]”>
2009-10-20 12:01:58,873 DEBUG [httpclient.wire.header] - <>> “User-Agent:
Jakarta Commons-HttpClient/3.1[\r][\n]”>
2009-10-20 12:01:58,873 DEBUG [httpclient.wire.header] - <>> “Host:
localhost:4000[\r][\n]”>
2009-10-20 12:01:58,873 DEBUG [httpclient.wire.header] - <>> “[\r][\n]”>
2009-10-20 12:01:58,907 DEBUG [httpclient.wire.header] - <<< “HTTP/1.1 401
Unauthorized[\r][\n]”>
2009-10-20 12:01:58,907 DEBUG [httpclient.wire.header] - <<< “HTTP/1.1 401
Unauthorized[\r][\n]”>
2009-10-20 12:01:58,907 DEBUG [httpclient.wire.header] - <<< “Connection:
close[\r][\n]”>
2009-10-20 12:01:58,907 DEBUG [httpclient.wire.header] - <<< “Date: Tue, 20
Oct 2009 04:01:58 GMT[\r][\n]”>
2009-10-20 12:01:58,907 DEBUG [httpclient.wire.header] - <<< “Content-Type:
text/html; charset=utf-8[\r][\n]”>
2009-10-20 12:01:58,908 DEBUG [httpclient.wire.header] - <<< “Set-Cookie:
_chef_server_session_id=BAh7CiIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnRvOiJPcGVuSUQ6Ok9wZW5JRFNlcnZpY2VFbmRwb2ludAw6DkBsb2NhbF9p%250AZDA6GEBkaXNwbGF5X2lkZW50aWZpZXIwOg9AdHlwZV91cmlzWwciLGh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wL3NpZ25vbiIhaHR0cDovL29w%250AZW5pZC5uZXQvc2lnbm9uLzEuMDoQQHVzZWRfeWFkaXNUOhBAc2VydmVyX3Vy%250AbCIoaHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXI6EkBjYW5v%250AbmljYWxfaWQwOhBAY2xhaW1lZF9pZCI8aHR0cDovL2xvY2FsaG9zdDo0MDAx%250AL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCIOcmV0dXJuX3Rv%250AIhovbm9kZXMvc3RlcGhlbi1sYXB0b3AiPU9wZW5JRDo6Q29uc3VtZXI6OkRp%250Ac2NvdmVyZWRTZXJ2aWNlczo6T3BlbklEOjpDb25zdW1lcjo6bzopT3BlbklE%250AOjpDb25zdW1lcjo6RGlzY292ZXJlZFNlcnZpY2VzCToNQGN1cnJlbnRABzoO%250AQHNlcnZpY2VzWwA6EkBzdGFydGluZ191cmwiPGh0dHA6Ly9sb2NhbGhvc3Q6%250ANDAwMS9vcGVuaWQvc2VydmVyL25vZGUvc3RlcGhlbi1sYXB0b3A6D0B5YWRp%250Ac191cmwiPGh0dHA6Ly9sb2NhbGhvc3Q6NDAwMS9vcGVuaWQvc2VydmVyL25v%250AZGUvc3RlcGhlbi1sYXB0b3AiDmFwcHJvdmFsc1sGIipodHRwOi8vbG9jYWxo%250Ab3N0OjQwMDAvb3BlbmlkL2NvbnN1bWVyIhBsYXN0X29pZHJlcTA%253D–dcd442d85420d9495410a5a963b214277ec28520;
path=/;[\r][\n]”>
2009-10-20 12:01:58,908 DEBUG [httpclient.wire.header] - <<<
“Content-Length: 92868[\r][\n]”>
2009-10-20 12:01:58,908 DEBUG [httpclient.wire.header] - <<< “[\r][\n]”>
2009-10-20 12:01:58,909 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

  • <Cookie accepted: “$Version=0;
    _chef_server_session_id=BAh7CiIuT3BlbklEOjpDb25zdW1lcjo6bGFzdF9yZXF1ZXN0ZWRfZW5kcG9p%250AbnRvOiJPcGVuSUQ6Ok9wZW5JRFNlcnZpY2VFbmRwb2ludAw6DkBsb2NhbF9p%250AZDA6GEBkaXNwbGF5X2lkZW50aWZpZXIwOg9AdHlwZV91cmlzWwciLGh0dHA6%250ALy9zcGVjcy5vcGVuaWQubmV0L2F1dGgvMi4wL3NpZ25vbiIhaHR0cDovL29w%250AZW5pZC5uZXQvc2lnbm9uLzEuMDoQQHVzZWRfeWFkaXNUOhBAc2VydmVyX3Vy%250AbCIoaHR0cDovL2xvY2FsaG9zdDo0MDAxL29wZW5pZC9zZXJ2ZXI6EkBjYW5v%250AbmljYWxfaWQwOhBAY2xhaW1lZF9pZCI8aHR0cDovL2xvY2FsaG9zdDo0MDAx%250AL29wZW5pZC9zZXJ2ZXIvbm9kZS9zdGVwaGVuLWxhcHRvcCIOcmV0dXJuX3Rv%250AIhovbm9kZXMvc3RlcGhlbi1sYXB0b3AiPU9wZW5JRDo6Q29uc3VtZXI6OkRp%250Ac2NvdmVyZWRTZXJ2aWNlczo6T3BlbklEOjpDb25zdW1lcjo6bzopT3BlbklE%250AOjpDb25zdW1lcjo6RGlzY292ZXJlZFNlcnZpY2VzCToNQGN1cnJlbnRABzoO%250AQHNlcnZpY2VzWwA6EkBzdGFydGluZ191cmwiPGh0dHA6Ly9sb2NhbGhvc3Q6%250ANDAwMS9vcGVuaWQvc2VydmVyL25vZGUvc3RlcGhlbi1sYXB0b3A6D0B5YWRp%250Ac191cmwiPGh0dHA6Ly9sb2NhbGhvc3Q6NDAwMS9vcGVuaWQvc2VydmVyL25v%250AZGUvc3RlcGhlbi1sYXB0b3AiDmFwcHJvdmFsc1sGIipodHRwOi8vbG9jYWxo%250Ab3N0OjQwMDAvb3BlbmlkL2NvbnN1bWVyIhBsYXN0X29pZHJlcTA%253D–dcd442d85420d9495410a5a963b214277ec28520;
    $Path=/”>
    2009-10-20 12:01:58,909 DEBUG
    [org.apache.commons.httpclient.HttpMethodDirector] -
    2009-10-20 12:01:58,910 DEBUG
    [org.apache.commons.httpclient.HttpMethodDirector] - <Authentication
    challenge(s) not found>
    2009-10-20 12:01:58,910 DEBUG [org.apache.commons.httpclient.HttpMethodBase]

2009-10-20 12:01:58,910 DEBUG [httpclient.wire.content] - <<< "
2009-10-20 12:01:58,911 DEBUG [httpclient.wire.content] - <<< " "
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">[\n]">

On Tue, Oct 20, 2009 at 11:54 AM, Arjuna Christensen aj@opscode.com wrote:

Hi,
On 20/10/2009, at 4:37 PM, Dikang Gu wrote:

please refer to my mail: “A problem when implementing the java client of
chef”.

As per the Knife snippet, Chef::Rest#authenticate is called -
http://github.com/opscode/chef/blob/master/chef/lib/chef/rest.rb#L65-76

def authenticate(user, pass)
  Chef::Log.debug("Authenticating #{user} via openid")
  response = post_rest('openid/consumer/start', {
    "openid_identifier" => "#{Chef::Config[:openid_url]}/openid/server/node/#{user}",
    "submit" => "Verify"
  })
  post_rest(
    "#{Chef::Config[:openid_url]}#{response["action"]}",
    { "password" => pass }
  )
end

Shouldn’t be too hard to port that over to Java. You’ll need to persist and
use the cookie in subsequent authentication-required calls to the Chef
Server [handled internally by Chef::Rest for the ruby client].

HTH!

On Tue, Oct 20, 2009 at 11:32 AM, Dikang Gu dikang85@gmail.com wrote:

Thank you Adam!
And after the authentication, will I get any information (like some
tokens), that I will use in the http call? To tell the chef-server that I
have been authenticated?

Thanks
Dikang

On Tue, Oct 20, 2009 at 2:25 AM, Adam Jacob adam@opscode.com wrote:

Sure - you need to just create a new client credential, and then set
it to be an administrator.

See the ‘register’ and ‘authenticate’ methods here:

http://gist.github.com/100837

Adam

On Mon, Oct 19, 2009 at 3:02 AM, Dikang Gu dikang85@gmail.com wrote:

As per subject. So that I can do the operations just like users on the
web
UI?
Thanks
Dikang


Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com


Arjuna Christensen, Software Development Engineer
Opscode, Inc.
E: aj@opscode.com


#7

Hello,

On 20/10/2009, at 5:08 PM, Dikang Gu wrote:

Hi Arjuna,

Thank you for your information!

Yes, I have converted the ruby authenticate code to java, and used
the cookie in subsequent calls to Chef Server, but I still have the
401 error. I attach some of the debug log, could you help me to talk
a look at it, please?

Thanks
Dikang

{snip}

Can you please post the chef-server logs in debug mode (-l debug or
log_level :debug in server.rb) showing the auth/authz failure :slight_smile:

The default location is /var/log/chef/server.log

On Tue, Oct 20, 2009 at 11:54 AM, Arjuna Christensen
aj@opscode.com wrote:
Hi,

On 20/10/2009, at 4:37 PM, Dikang Gu wrote:

please refer to my mail: “A problem when implementing the java
client of chef”.

As per the Knife snippet, Chef::Rest#authenticate is called - http://github.com/opscode/chef/blob/master/chef/lib/chef/rest.rb#L65-76

def authenticate(user, pass)

  Chef::Log.debug("Authenticating #{user} via openid")

  response = post_rest('openid/consumer/start', {

    "openid_identifier" => "#{Chef::Config[:openid_url]}/openid/ 

server/node/#{user}",

    "submit" => "Verify"
  })

  post_rest(
    "#{Chef::Config[:openid_url]}#{response["action"]}",

    { "password" => pass }
  )

end

Shouldn’t be too hard to port that over to Java. You’ll need to
persist and use the cookie in subsequent authentication-required
calls to the Chef Server [handled internally by Chef::Rest for the
ruby client].

HTH!

On Tue, Oct 20, 2009 at 11:32 AM, Dikang Gu dikang85@gmail.com
wrote:
Thank you Adam!

And after the authentication, will I get any information (like some
tokens), that I will use in the http call? To tell the chef-server
that I have been authenticated?

Thanks
Dikang

On Tue, Oct 20, 2009 at 2:25 AM, Adam Jacob adam@opscode.com wrote:
Sure - you need to just create a new client credential, and then set
it to be an administrator.

See the ‘register’ and ‘authenticate’ methods here:

http://gist.github.com/100837

Adam

On Mon, Oct 19, 2009 at 3:02 AM, Dikang Gu dikang85@gmail.com
wrote:

As per subject. So that I can do the operations just like users
on the web
UI?
Thanks
Dikang


Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com


Arjuna Christensen, Software Development Engineer
Opscode, Inc.
E: aj@opscode.com


Arjuna Christensen, Software Development Engineer
Opscode, Inc.
E: aj@opscode.com


#8

Hi Arjuna,
I’ve solved this issue, by fixing a cookie bug!

Thanks very much for your help!

Thanks
Dikang

On Tue, Oct 20, 2009 at 12:40 PM, Arjuna Christensen aj@opscode.com wrote:

Hello,
On 20/10/2009, at 5:08 PM, Dikang Gu wrote:

Hi Arjuna,

Thank you for your information!

Yes, I have converted the ruby authenticate code to java, and used the
cookie in subsequent calls to Chef Server, but I still have the 401 error. I
attach some of the debug log, could you help me to talk a look at it,
please?

Thanks
Dikang

{snip}

Can you please post the chef-server logs in debug mode (-l debug or
log_level :debug in server.rb) showing the auth/authz failure :slight_smile:

The default location is /var/log/chef/server.log

On Tue, Oct 20, 2009 at 11:54 AM, Arjuna Christensen aj@opscode.comwrote:

Hi,
On 20/10/2009, at 4:37 PM, Dikang Gu wrote:

please refer to my mail: “A problem when implementing the java client of
chef”.

As per the Knife snippet, Chef::Rest#authenticate is called -
http://github.com/opscode/chef/blob/master/chef/lib/chef/rest.rb#L65-76

def authenticate(user, pass)

  Chef::Log.debug("Authenticating #{user} via openid")
  response = post_rest('openid/consumer/start', {

    "openid_identifier" => "#{Chef::Config[:openid_url]}/openid/server/node/#{user}",
    "submit" => "Verify"
  })
  post_rest(
    "#{Chef::Config[:openid_url]}#{response["action"]}",
    { "password" => pass }
  )
end

Shouldn’t be too hard to port that over to Java. You’ll need to persist
and use the cookie in subsequent authentication-required calls to the Chef
Server [handled internally by Chef::Rest for the ruby client].

HTH!

On Tue, Oct 20, 2009 at 11:32 AM, Dikang Gu dikang85@gmail.com wrote:

Thank you Adam!
And after the authentication, will I get any information (like some
tokens), that I will use in the http call? To tell the chef-server that I
have been authenticated?

Thanks
Dikang

On Tue, Oct 20, 2009 at 2:25 AM, Adam Jacob adam@opscode.com wrote:

Sure - you need to just create a new client credential, and then set
it to be an administrator.

See the ‘register’ and ‘authenticate’ methods here:

http://gist.github.com/100837

Adam

On Mon, Oct 19, 2009 at 3:02 AM, Dikang Gu dikang85@gmail.com wrote:

As per subject. So that I can do the operations just like users on the
web
UI?
Thanks
Dikang


Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-7449 E: adam@opscode.com


Arjuna Christensen, Software Development Engineer
Opscode, Inc.
E: aj@opscode.com


Arjuna Christensen, Software Development Engineer
Opscode, Inc.
E: aj@opscode.com