OTCSTicket 401 Unauthorized Issue

MukeshIyer · 2021-09-22T19:55:18+00:00

There was an error rendering this rich post.

Hey,

I'm working on a java application that gets documents from the content server. The issue here is that when I generate the auth token from postman using the following API and pass it to the respective call as OTCSTicket, I'm getting the appropriate response, it works just fine.

https://{url}/otcs/cs.exe/api/v1/auth

However, when I try to do the same using the token generated from the java code. I get 401 unauthorized. the java code :

OkHttpClient client = new OkHttpClient().newBuilder()

.build();

RequestBody body = new MultipartBody.Builder().setType(MultipartBody.FORM)

.addFormDataPart("username",username)

.addFormDataPart("password",password)

.build();

Request request = new Request.Builder()

.url("https://{url}/otcs/cs.exe/api/v1/auth")

.method("POST", body)

.build();

try {

Response response = client.newCall(request).execute();

String token = response.body().string();

System.out.println(token);

int index = token.indexOf(":");

String finalToken = token.substring(index+2,token.length()-2);

return finalToken;

}

token :{"ticket":"XyUQm7Y4uunfcWm99\/5gyg0tef15Ij+P5lYIVop2JB5vTOATc6fdqx45HtQdUKzbAagYBnKn7hyAgliGnuRz8q1ajM9kcydPIhph5YbPYyz6Mpfc95Gd6oUcJl\/iegQiLcDAMlcUQgs="}

finalToken : XyUQm7Y4uunfcWm99\/5gyg0tef15Ij+P5lYIVop2JB5vTOATc6fdqx45HtQdUKzbAagYBnKn7hyAgliGnuRz8q1ajM9kcydPIhph5YbPYyz6Mpfc95Gd6oUcJl\/iegQiLcDAMlcUQgs=

Find more posts tagged with

Comments

rhorist

Did you figure out what the issue is? We are having the same thing happen where it looks like it is putting those "\/" in the token and those are not valid?

Appu Nair

A 401 is actually the webserver saying I won’t allow you in the case of the OT rest api the livelink website is not anonymous . Two or 3 posts prior I gave a reply on restclient question. If you are not careful the initial creation of the livelink website may not be anonymous .I would check that or send a OTDS ticket if you still get 401 chances are it is not the ticket but website access

Look at this https://forums.opentext.com/forums/developer/discussion/310751/problem-authenticating-in-call-using-ll-webreport-restclient#latest

Ahmed Hegazy

I have the same issue when calling the content server auth API from a simple nodejs middleware on the same server, I'm getting error code: 401 unauthorized but when i try to call from postman installed on the same server i get the ticket normally.

appuq

if possible I would install Fiddler and compare the working vs the nonworking one because Postman optimizes a lot of code for you.For example your CS is an HTTPS postman who knows how to exchange the certificate chain .

As I would say almost in any post I prefer to have my rest api client done like this

Instead of CS authentication getting the auth from OTDS, the OTDS ticket will seamlessly get exchanged for a CS ticket you will not know the difference nor will you be bothered bu things like "self" "frames" etc that you see in your code and you most likely wont get bothered by specific CS settings. Execute and get a OTDSTicket.
In your REST Client code to do some action instead of OTCSTicket send it with OTDSTicket.
Unfortunately, you have to be all correct when you write code if you are executing against a HTTPS OTDS or OTCS.(make sure your trust chain is accessible by the RestClient)

I also see basic scheme in your call if it is basic then the user should be known at the IIS level is that a valid assumption?