[midPoint] REST API -- gettng started

Pavol Mederly mederly at evolveum.com
Mon Feb 26 20:30:12 CET 2018


I am quite surprised. I frequently do things using REST, on a clean 
midPoint repository, without any specific settings. Just e.g. uploading 
files from Eclipse plugin (which uses REST do to that).

I use branch post-3.7-fixes (i.e. not the plain 3.7), though.

You could try this branch, if you have a minute to spare.

Pavol Mederly
Software developer
evolveum.com

On 26.02.2018 19:36, Sean R Penndorf wrote:
> I also get the same behavior with midpoint 3.7.
>
> I've created a role and assigned it to the administrator user and an 
> user I use for testing.  It has not helped.
>
> <role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>   xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>   xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>   xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>   xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
>   
> xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>   
> xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
>   oid="82691976-2c42-42c4-9e8e-99f133a36e53"
>   version="6">
>  <name>REST Access</name>
>  <lifecycleState>active</lifecycleState>
>  <activation>
>   <effectiveStatus>enabled</effectiveStatus>
> <enableTimestamp>2018-02-23T15:54:18.310Z</enableTimestamp>
>  </activation>
>  <iteration>0</iteration>
>  <iterationToken/>
>  <authorization id="1">
>   
> <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-rest-3#all</action>
>   
> <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ws-3#all</action>
>   
> <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</action>
>   <phase>execution</phase>
>  </authorization>
>  <requestable>false</requestable>
>  <delegable>false</delegable>
>  <idempotence>none</idempotence>
>  <roleType>Entitlement</roleType>
> </role>
>
>
> What does it take to get REST to work?
>
> ------------------
> *Sean Penndorf*
> SaaS Operational Services (SOS) - ID Management
> IBM Cloud
> srpenn at us.ibm.com
> Office: 248-552-4791   TL  623-9966
>
>
>
>
>
> From: David Westbrook <david.westbrook at catapultlearning.com>
> To: "midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
> Date: 02/25/2018 11:39 AM
> Subject: [midPoint] REST API -- gettng started
> Sent by: "midPoint" <midpoint-bounces at lists.evolveum.com>
> ------------------------------------------------------------------------
>
>
> I’m having trouble getting started with the REST API (midpoint v3.7) … 
> Following the examples in the docs:
>
> _https://wiki.evolveum.com/display/midPoint/REST+API_ 
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.evolveum.com_display_midPoint_REST-2BAPI&d=DwMFAg&c=jf_iaSHvJObTbx-siA1ZOg&r=qEACHutvsppyidQwf1kYntDY-ZKom0n1kiWqpNpwVXg&m=1Sm7c9Zj9niaR9DzD9MKb20cH2sdY_ARkufN0cdauzE&s=zELK9TvC1uVP1zuUYhUlHGxYmhAODqS64WTB7nCkepA&e=>
>
> I’m either getting nothing (e.g. “Find owner of shadow” example) or 
> 403 Forbidden (e.g. “Create or Update Object”).
>
> I’m using the default administrator account/password, which is a 
> superuser role.
>
> What configuration/access settings should I check?   Nothing appears 
> in var/log/midpoint.log  for either of these attempts.
>
> curl --user administrator:5ecr3t -X GET 
> _http://localhost:8080/midpoint/ws/rest/shadows/8e605d0e-a8a4-48ef-a3ce-1941df449bc4/owner_ 
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__localhost-3A8080_midpoint_ws_rest_shadows_8e605d0e-2Da8a4-2D48ef-2Da3ce-2D1941df449bc4_owner&d=DwMFAg&c=jf_iaSHvJObTbx-siA1ZOg&r=qEACHutvsppyidQwf1kYntDY-ZKom0n1kiWqpNpwVXg&m=1Sm7c9Zj9niaR9DzD9MKb20cH2sdY_ARkufN0cdauzE&s=Ypy7M0Vfvx1YLyPMAhHN214OguXp7gprhjpATmJS76w&e=> # 
> (that’s one of our account UID’s)
>
> curl -q \
>
> --user administrator:5ecr3t \
>
> -H "Content-Type: application/xml" \
>
> http://localhost:8080/midpoint/ws/rest/orgs\
>
> --data @org1.xml
>
> <org oid="c74a7d86-7798-11e2-964e-100000000101">
>
>       <name>F0100</name>
>
>       <description>Fine arts and stuff</description>
>
>       <parentOrgRef oid="c74a7d86-7798-11e2-964e-100000000100" 
> type="c:OrgType"/>
>
>       <displayName>Department of Arts</displayName>
>
>       <identifier>0100</identifier>
>
>       <orgType>functional</orgType>
>
>       <costCenter>CC100</costCenter>
>
>       <locality>Florence</locality>
>
>   </org>
>
> Thanks!
>
> --david
>
> David Westbrook
>
> Sr Application Developer
>
> Catapult Learning, LLC
>
> (803)-262-4010
>
> david.westbrook at catapultlearning.com
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwIGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=qEACHutvsppyidQwf1kYntDY-ZKom0n1kiWqpNpwVXg&m=1Sm7c9Zj9niaR9DzD9MKb20cH2sdY_ARkufN0cdauzE&s=X15-bP25d26Umj4XUCSmMwg7mqRzjn2XgIHVbn3OS3A&e=
>
>
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20180226/a79c0111/attachment.htm>


More information about the midPoint mailing list