[Building Sakai] Membership RESTful web service
Sergio Muriel
sergioame at hotmail.com
Wed Aug 20 13:42:43 PDT 2014
Even if I put my application in the Sakai server, I wouldn't know (I haven't seen any examples) of how to take and use that cookie. Therefore, as we don't have any Single Sign-On solution implemented yet, and I don't want the user to log in again, I think I'd build up my solution using Gonzalo's example.
Best Regards,
Sergio Muriel
From: cschauer at txstate.edu
To: sergioame at hotmail.com
CC: sakai-dev at collab.sakaiproject.org
Subject: RE: [Building Sakai] Membership RESTful web service
Date: Wed, 20 Aug 2014 18:36:37 +0000
Unless your application is running on the same domain as Sakai, you won't have access to it. As an example, you might have your sakai instance at something like sakai.youruniversity.edu
and your application is at application.youruniversity.edu. The sakai session cookie's domain will be set to sakai.youruniversity.edu and the browser won't send it with any requests to application.youruniversity.edu.
Do you have something like CAS at your institution or some other single sign-on solution? If so, you could register your application to log in with CAS. Then your application would know the eid of the authenticated user and you could log in with an admin
account server side to make the api request.
The other option is to have some javascript on the page that makes the API request (similar to Gonzalo's example). This would require setting up CORS (cross-origin resource sharing) on the sakai server to allow api requests from your application's domain.
-Chris
From: Sergio Muriel [sergioame at hotmail.com]
Sent: Wednesday, August 20, 2014 10:55 AM
To: Schauer, Christopher R
Cc: Steve Swinsburg; sakai-dev at collab.sakaiproject.org
Subject: RE: [Building Sakai] Membership RESTful web service
You're right Chris,
it's another Java application completely separate from Sakai; but even if I create a new context in the Sakai server with my application there, it gives me the same result.
Any clues about how can I get and use that cookie?
Best Regards,
Sergio Muriel
From: cschauer at txstate.edu
To: sergioame at hotmail.com
CC: steve.swinsburg at gmail.com; sakai-dev at collab.sakaiproject.org
Subject: Re: [Building Sakai] Membership RESTful web service
Date: Tue, 19 Aug 2014 22:25:15 +0000
Is there a reason you're sending the request from the server instead of sending it from the browser using javascript? The service uses the same session cookie that the rest of sakai uses to tell if a user is logged in or not and that cookie is only visible
to the browser or the server that created it. It won't be available to your server which I'm assuming is another java application completely separate from sakai?
-Chris
On Aug 19, 2014, at 4:53 PM, Sergio Muriel <sergioame at hotmail.com> wrote:
Update:
When the user (userId, or userEid) exists it gives me:
JSP page: Exception: 403 ForbiddenBrowser with user logged in: {"entityPrefix": "membership", "membership_collection": ......etc, means actual information.Browser with user not logged in:
HTTP Status 403 - Security exception handling request for view (/membership.json), this is typically caused by the current user not having access to the data requested or the user not being logged
in at all :: message=Only admin can access other user memberships, current user (null) cannot access ref: admin
When the user (userId, or userEid) does not exist it gives me:
JSP page: Exception: 400 Bad RequestBrowser with user logged in: HTTP Status 400 - IllegalArgumentException: Unable to handle output request for format json for this path (/membership.json) for prefix (membership) for entity (/membership), request url (/membership.json):
unable to find user.Browser with user not logged in: Same as above.
Is there any way to make it work like the /direct/membership
service itself, which detects somehow if a user is logged in or not? I don't want the user to log in to the system again.
Best Regards,
Sergio Muriel
From: sergioame at hotmail.com
To: steve.swinsburg at gmail.com
Date: Tue, 19 Aug 2014 10:59:49 -0500
CC: sakai-dev at collab.sakaiproject.org
Subject: Re: [Building Sakai] Membership RESTful web service
This is how I'm making the request:
<%@ page import="org.springframework.web.client.RestTemplate"
%>
<% RestTemplate restTemplate = new RestTemplate();
SakaiUserMemberships userMemberships = restTemplate.getForObject("http://my_server/direct/membership.json?includeSites=false&includeGroups=true&userEid=sergio@hotmail.com",
SakaiUserMemberships.class);
%>
SakaiUserMemberships is a bean that represents what /direct/membership gives, but I get a HTTP 400 Bad Request.
Best Regards,
Sergio Muriel
Date: Tue, 19 Aug 2014 21:26:55 +1000
Subject: Re: [Building Sakai] Membership RESTful web service
From: steve.swinsburg at gmail.com
To: sergioame at hotmail.com
CC: ottenhoff at longsight.com;
sakai-dev at collab.sakaiproject.org
The /direct/membership/describe tells you how to use it. What request are you trying to make and how are you making it?
On Tue, Aug 19, 2014 at 3:14 AM, Sergio Muriel <sergioame at hotmail.com> wrote:
Great! Any examples of using this service?
http://qa5-us.sakaiproject.org/direct/membership
Best Regards,
Sergio Muriel
From: ottenhoff at longsight.com
Date: Mon, 18 Aug 2014 11:40:23 -0400
Subject: Re: [Building Sakai] Membership RESTful web service
To: bkirschn at umich.edu
CC: sergioame at hotmail.com; sakai-dev at collab.sakaiproject.org
grep tells me core-providers/src/java/org/sakaiproject/entitybroker/providers/MembershipEntityProvider.java
On Mon, Aug 18, 2014 at 11:26 AM, Kirschner, Beth <bkirschn at umich.edu> wrote:
Try this:
http://qa5-us.sakaiproject.org/direct/membership/describe
- Beth
On Aug 18, 2014, at 10:00 AM, Sergio Muriel <sergioame at hotmail.com> wrote:
> Dear All,
>
> Does anybody know where I can find the code of:
> SAKAI_SERVER/direct/membership ?? (ex: http://qa5-us.sakaiproject.org/direct/membership)
>
> Also, does anybody have an example of using that service?
> I'm getting a HTTP 400 Bad Request when I try to use it.
>
> Thank you in advance.
>
>
>
> Best Regards,
> Sergio Muriel
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with
a subject of "unsubscribe"
_______________________________________________
sakai-dev mailing list
sakai-dev at collab.sakaiproject.org
http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a
subject of "unsubscribe"
_______________________________________________
sakai-dev mailing list
sakai-dev at collab.sakaiproject.org
http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a
subject of "unsubscribe"
_______________________________________________ sakai-dev mailing list
sakai-dev at collab.sakaiproject.org
http://collab.sakaiproject.org/mailman/listinfo/sakai-dev TO UNSUBSCRIBE: send email to
sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
_______________________________________________
sakai-dev mailing list
sakai-dev at collab.sakaiproject.org
http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a
subject of "unsubscribe"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20140820/330ef766/attachment.html
More information about the sakai-dev
mailing list