We access comments associated to a document object through an out-of-the-box webscript. In some environments, it works good. In others, we get some authentication error. We have Alfresco Community 5.2.x, Alfresco Community 6.0.
Here is a snippet of the error
{"error":{"errorKey":"framework.exception.ApiDefault","statusCode":401,"briefSummary":"00100014 Authentication failed for Web Script org/alfresco/api/ResourceWebScript.get","stackTrace":"For security reasons the stack trace is no longer displayed, but the property is kept for previous versions","descriptionURL":"https://api-explorer.alfresco.com"}}
Anyone had this issue and solved?
Can you provide details on the api you are using? Check the alfresco logs and see if you can identify anything. The error message you have provided is related to this : https://github.com/Alfresco/alfresco-community-repo/blob/master/remote-api/src/main/resources/alfres...
which requires 'user' level authentication to succeed.
This is what i tried to retrieve the comments from a node and it works.
http://localhost:8080/alfresco/api/-default-/public/alfresco/versions/1/nodes/9bbcfd1d-3279-4c4a-af6e-8a1177141779/comments?skipCount=0&maxItems=100&alf_ticket=TICKET_5290e90d9d99388c6d098b70cb8794fcb8292a53
Response example:
{ "list": { "pagination": { "count": 1, "hasMoreItems": false, "totalItems": 1, "skipCount": 0, "maxItems": 100 }, "entries": [ { "entry": { "createdAt": "2021-07-06T15:06:01.970+0000", "createdBy": { "enabled": true, "firstName": "Administrator", "displayName": "Administrator", "email": "admin@alfresco.com", "emailNotificationsEnabled": true, "company": {}, "id": "admin" }, "edited": false, "modifiedAt": "2021-07-06T15:06:01.970+0000", "canEdit": true, "modifiedBy": { "enabled": true, "firstName": "Administrator", "displayName": "Administrator", "email": "admin@alfresco.com", "emailNotificationsEnabled": true, "company": {}, "id": "admin" }, "canDelete": true, "id": "2f2df18e-8cbd-4690-80e7-93150211e487", "content": "<p>comment1</p>" } } ] } }
Hi sepgs2004.
401 means unauthorized, you should pass an Authorization header, either basic or bearer works. Checking the webscript you need at least to have user authtentication.
It's quite complex to know in deep what is happening without more details. Why is not happening in all your environments? This is interesting because looks like in some cases you have alredy login with a valid credentials and other cases no. Or maybe some of your documents are public... Here we have different possibilities. If you can specify more details that can help us to figure out what is happening. Also, check alfresco logs, if it's possible.
Cheers.
This is the extract of the code as of now. I am not sure if this is correct as of the necessary authentication. As far as I know, the user credentials that is passed is the cred that has access to the Alfresco Share site. Do the webscripts have separate authentication?
If it does not work, it does not work for all documents. So, for this problem, it is not document specific.
One difference is that retrieval of comments, does not work in some secure hosted environments.
I wonder if it has anything to do with using HTTP Rest in such an environment.
private ArrayList<DocComment> retrieveDocumentCommentsFromRepo (String objectId)
{
...
ArrayList<DocComment> comments = new ArrayList<DocComment>(); SimpleDateFormat simpleDateFormat = new SimpleDateFormat(this.communicationDateFormat); SimpleDateFormat displayDateFormat = new SimpleDateFormat("MM/dd/yyyy hh:mm:ss a"); CloseableHttpResponse response = null; URL cmisUrl = null; CredentialsProvider provider = new BasicCredentialsProvider(); UsernamePasswordCredentials creds = new UsernamePasswordCredentials(configUser, this.configUserPassword); provider.setCredentials(AuthScope.ANY, creds); CloseableHttpClient httpClient = HttpClientBuilder.create() .setDefaultCredentialsProvider(provider) .build(); try { int index = objectId.indexOf(";"); String nodeId = (index >= 0 ? (objectId.substring(0, index)) : objectId); cmisUrl = new URL ( (this.repoHost + this.restApiAccessPoint + "/nodes/" + nodeId + "/comments?fields=createdAt,modifiedAt,id,content,createdBy") ); } catch (Exception exc) {log.error("URL construction error!");} if (cmisUrl == null) return comments; HttpGet callFunction = new HttpGet(cmisUrl.toString());
try {
response = httpClient.execute(callFunction);
StatusLine sl = response.getStatusLine();
HttpEntity responseEntity = response.getEntity();
String content = EntityUtils.toString(responseEntity);
...
JsonElement jelement = new JsonParser().parse(content);
JsonObject commentsObject = jelement.getAsJsonObject();
commentsObject = commentsObject.getAsJsonObject("list");
if (commentsObject == null) return comments;
JsonArray commentItems = commentsObject.getAsJsonArray("entries");
...
}
} catch (Exception e) {
System.out.println("@RetrieveDocumentComments - Exception occurred");
e.printStackTrace();
}
finally {
if (response != null) { try {response.close();} catch (Exception ignore) {} }
if (httpClient != null) { try { httpClient.close();} catch (Exception ignore) {} }
}
return comments;
You can do a simple test to discard or confirm the problem is in that code:
- Find a document which is failing.
- Go to RESTClient (or a rest client similar) and launch the petition.
And check if you have the same error as with your code.
Let us know the results.
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.