DX NetOps

Expand all | Collapse all

odataquery builder then curl requests authentication failure

  • 1.  odataquery builder then curl requests authentication failure

    Posted 07-20-2017 01:21 PM

    We recently setup our CAPC to authenticate with SAML to meet government 2-factor signon requirements.

    CAPC user interface is listening on 8181, but uses 8381 to authenticate with external source.

    My problem is specific to the querybuilder:8581 "karaf" service running on the aggregator.

    I use CURL to submit a URL that was generated by querybuilder, and specify -u <username:password> and -H <fake header to look like a windows/firefox browser> then -X "http:URL".

    I have looked at a tcpdump and see that my aggregator is trying to authenticate on port 838when my CAPC is listening for authentication requests on 8381.


    What I need is to know how to configure the apache karaf web application to talk to my CAPC using 8381 rather than 8382.

    * tcpdump shows the communication attempt.

    * logs show authentication fails and returns a 403-Forbidden html response.

    * I can't find any documentation on CA that shows how to add a configuration line to change this.

    * I this would be the file ???? "apache-karaf/etc/com.ca.im.odata.authservice.impl.AuthenticationService.cfg"

    * I searched the hard drive and ran a grep for 8382 and can't find that value stored in any configuration files.

    * karaf.log shows :

    ERROR | 75773321-2168382 | 2017-07-18 20:11:11,261 | AuthenticationServiceImpl | e.impl.AuthenticationServiceImpl 1176 | -services.authentication |       | Basic authorization error - failed to contact sso service. The sso service may be down.



    Any thoughts or ideas?   Has anyone else encountered this issue?  Is there a way to set the webapp configuration to attempt authentication to CAPC on 8381 instead of 8382 ?

  • 2.  RE: odataquery builder then curl requests authentication failure

    Posted 08-09-2019 04:16 AM
    Edited by Diogo Almeida 08-09-2019 04:16 AM
    Did you solved this problem? I have the same thing since a while...