[ckan-dev] problems with api authentication
Adrià Mercader
adria.mercader at okfn.org
Tue Aug 9 14:46:56 UTC 2016
I wonder if it something related to the Filestore and its permissions.
Does it work if you don't upload a file and update say the name or
description of the resource?
Adrià
On 9 August 2016 at 13:19, Sasha Cuerda <scuerda at ctdata.org> wrote:
> Ian and Adrià,
>
> Thanks for your help.
>
> I've tried disabling extensions to no effect.
>
> Here is the verbose results from curl...
>
>> POST /api/3/action/resource_update HTTP/1.1
>> Host: data.ctdata.org
>> User-Agent: curl/7.43.0
>> Accept: */*
>> Authorization:<API-KEY>
>> Content-Length: 300
>> Expect: 100-continue
>> Content-Type: multipart/form-data;
>> boundary=------------------------f8151c03db98b3cd
>>
> < HTTP/1.1 100 Continue
> < HTTP/1.1 403 Forbidden
> < Server: nginx/1.4.6 (Ubuntu)
> < Date: Tue, 09 Aug 2016 12:05:08 GMT
> < Content-Type: application/json;charset=utf-8
> < Content-Length: 245
> < Connection: keep-alive
> < Pragma: no-cache
> < Cache-Control: no-cache
> < Access-Control-Allow-Origin: *
> * HTTP error before end of send, stop sending
> <
> * Closing connection 0
>
> Does anything here seem "off". It looks reasonable to me.
>
> Using the same user account I am able to create and modify resources on the
> dataset using the GUI...
>
>
> On Tue, Aug 9, 2016 at 8:00 AM, Adrià Mercader <adria.mercader at okfn.org>
> wrote:
>>
>> Also check for new extensions that might be messing with the
>> authorization (ie try disabling extensions and see if it works)
>>
>>
>> Adrià
>>
>> On 9 August 2016 at 12:52, Ian Ward <ian at excess.org> wrote:
>> > Has anything changed about your web server configuration? run curl
>> > with -v to see if you're getting a redirect or something. Is it
>> > possible the header is being stripped out along the way?
>> >
>> > On Tue, Aug 9, 2016 at 7:36 AM, Sasha Cuerda <scuerda at ctdata.org> wrote:
>> >> Hello Adrià,
>> >>
>> >> Yeah, that's what's so puzzling about this. I have certainly executed
>> >> this
>> >> call before, using the same server and the same api key. I created a
>> >> new
>> >> sysadmin account and tried using the same call w/ the new api key and
>> >> received the same error.
>> >>
>> >> Is there anything about the group / org permissions that would impact
>> >> this
>> >> behavior? I would think that sysadmin's would always have permissions
>> >> to
>> >> edit / update any dataset / resource, but I may be misunderstanding the
>> >> permissions system.
>> >>
>> >> Sasha
>> >>
>> >> On Tue, Aug 9, 2016 at 5:43 AM, Adrià Mercader
>> >> <adria.mercader at okfn.org>
>> >> wrote:
>> >>>
>> >>> Hi Sasha,
>> >>>
>> >>> On 8 August 2016 at 22:17, Sasha Cuerda <scuerda at ctdata.org> wrote:
>> >>> > {
>> >>> > "message": "Access denied: <function resource_update at
>> >>> > 0x7efead4c4848>
>> >>> > requires an authenticated user",
>> >>> > "__type": "Authorization Error"
>> >>> > }
>> >>> This error occurs when there is no user logged in or an auth header
>> >>> was not sent at all OR the user was not found (ie the API key is
>> >>> incorrect). Can you double check your header name and value?
>> >>>
>> >>> Other than that your same calls work for me on master.
>> >>>
>> >>> Adrià
>> >>> _______________________________________________
>> >>> ckan-dev mailing list
>> >>> ckan-dev at lists.okfn.org
>> >>> https://lists.okfn.org/mailman/listinfo/ckan-dev
>> >>> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>> >>
>> >>
>> >>
>> >>
>> >> --
>> >> CT Data Collaborative, Director of Technology
>> >> 805 Brook St Building 4
>> >> Rocky Hill, CT 06067
>> >> M: (860) 385-4860
>> >>
>> >> _______________________________________________
>> >> ckan-dev mailing list
>> >> ckan-dev at lists.okfn.org
>> >> https://lists.okfn.org/mailman/listinfo/ckan-dev
>> >> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>> >>
>> > _______________________________________________
>> > ckan-dev mailing list
>> > ckan-dev at lists.okfn.org
>> > https://lists.okfn.org/mailman/listinfo/ckan-dev
>> > Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>> _______________________________________________
>> ckan-dev mailing list
>> ckan-dev at lists.okfn.org
>> https://lists.okfn.org/mailman/listinfo/ckan-dev
>> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>
>
>
>
> --
> CT Data Collaborative, Director of Technology
> 805 Brook St Building 4
> Rocky Hill, CT 06067
> M: (860) 385-4860
>
> _______________________________________________
> ckan-dev mailing list
> ckan-dev at lists.okfn.org
> https://lists.okfn.org/mailman/listinfo/ckan-dev
> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>
More information about the ckan-dev
mailing list