"Message: Authentification failed" when using REST with JSON

Hello,

When I issue any REST request with Content-Type set to "application/json" in the HTTP header, I always get the following reply from the server:

{"Message":"Authentication failed.","StackTrace":"","ExceptionType":""}

Even with such a message, the request is processed without a problem.

I am testing this in Excel VBA. The following code should reproduce the issue. Please adjust carefully the value for your SpiraTeam configuration.

Public Sub ReproduceJSONContentTypeBug()
    'Issue: When specifying JSON as Content-Type, the server replies
    '{"Message":"Authentication failed.","StackTrace":"","ExceptionType":""}
    Dim BASEURL As String
    Dim PROJECT_ID As Long
    Dim RESSOURCEURL As String
    Dim USERNAME As String
    Dim APIKEY As String
    Dim requestBody As String
    Dim MyRequest As Object

    'Please adjust the following variables following your configuration
    BASEURL = "http://XXXXX/SpiraTeam/Services/v4_0/RestService.svc/"
    PROJECT_ID = XX
    RESSOURCEURL = "projects/" & PROJECT_ID & "/incidents"
    USERNAME = "XXXX"
    APIKEY = "{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}"

    'Please adjust ProjectId's value accordingly.
    requestBody = "{""ProjectId"":XX,""Description"":""The server replied: 'Authentication failed.' but the incident was created."",""Name"":""Testing""}"

    'HTTP request
    Set MyRequest = CreateObject("WinHttp.WinHttpRequest.5.1")
    MyRequest.Open "POST", BASEURL & RESSOURCEURL
    MyRequest.setRequestHeader "username", USERNAME
    MyRequest.setRequestHeader "api-key", APIKEY
    MyRequest.setRequestHeader "Content-Type", "application/json" 'THIS LINE TRIGGERS THE ERRONEOUS SERVER'S REPLY.
    MyRequest.setRequestHeader "Accept", "application/json"
    MyRequest.send (requestBody)

    'The reply is always "{"Message":"Authentication failed.","StackTrace":"","ExceptionType":""}"
    'But the command processed correctly.
    Debug.Print MyRequest.responseText
    MsgBox MyRequest.responseText
End Sub

Tags:

(To Reply to this thread you first need to Sign-In)

2 Replies

Jim R.

re: Maxim Cournoyer on Wednesday, March 19, 2014
Friday, March 21, 2014

Hi Maxim
if you leave the Content-Type alone and just send the Accept: application/json header, does it then work?

Regards

Jim

Maxim Cournoyer

re: Jim R. on Friday, March 21, 2014
Friday, March 21, 2014

Hi Jim, thank you for your answer.

Removing the Content-Type header didn't work because now the server complained about the message being raw data.

However, the error gave me a hint by telling me that the accepted Content-Type are "Json" or "Xml" (notice the capitalized J).
So I retried with

MyRequest.setRequestHeader "Content-Type", "application/Json"

and it worked without the authentication issue.

Seems like a bug that could be fixed by Inflectra. The error message should tell me exactly what is wrong, not some (inexistant) authentication problem.

This solves my question, thanks again!

Tagged

Statistics

Started: 3/19/2014
Last Reply: 3/21/2014
Replies: 2
Views: 5056

Tel: 1-866-572-5878 | Help Desk | Legal Notices | Privacy Policy

Name:
Body:
Tags:

Name:
Body: