P.S.:
I have by now found by request-tracing this in DWA, that DWA gets the value of the Enum using the following request:
POST http://localhost:8080/dwa/json/doors/node/getAttributes
…with a number of values in the request body that I’m not sure where they come from.
Bottom line, however, is, that this request returns something that I can work with, namely a .json
with all the attribute definitions, including:
{
"objectId":"AB:5efc6f9a4ff877cf:23:2100000100:2800000003:{1000000,1597043551}",
"Attributes":{
"User":{
"values":[
[...]
{
"attributeId":"VerificationState",
"editable":false,
"isAttrDxl":false,
"editorMenuOptionType":"0",
"type":"E",
"value":"1",
"domain":[
{
"label":"not verified",
"value":"1"
},
{
"label":"passed",
"value":"2"
},
{
"label":"failed",
"value":"3"
}
]
},
[...]
]
}
}
}
However, the problem is that the site does not seem to accept the request when coming from the outside due to CSRF protection. That is, even if I send the very same request with all the same parameters via RESTED, I get the following response:
HTTP Status 400 – Bad Request
Type Status Report
Message The CSRF token is invalid: The CSRF token is null.
Description The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).
I have also tried calling this URI via getResource, like this:
Map<String, String> requestHeaders = new HashMap<String, String>();
requestHeaders.put("objectGuid","AB:5efc6f9a4ff877cf:23:2100000060:2800000002:{1000000,1594286433}");
requestHeaders.put("viewGuid", "AB:5efc6f9a4ff877cf:1a:1a00000000:2100000060");
requestHeaders.put("dwaUser", "kira_resari");
requestHeaders.put("DWA_TOKEN", "49b8cb0a-13d1-40c1-a3ec-dc44607b8a1e");
ClientResponse getAttributesResponse = oslcOauthClient.getResource("http://localhost:8080/dwa/json/doors/node/getAttributes", requestHeaders);
…however, instead of the desired .json
file with the Attribute Definitions, this only returns me an html file that seems to depict the login screen.
<!--
Licensed Materials - Property of IBM - some unique copyrights (i.e., the ability to copy, modify,
distribute) may be licensed in certain circumstances (e.g., sample/template code intended to be used by
customers to build upon and distribute as their own products).
%full_filespec:welcome.jsp~65:ascii:VBS#1 %
(c) Copyright IBM Corporation 2007, 2018. All Rights Reserved.
-->
<!-- WELCOME -->
<html lang="">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=Edge">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="shortcut icon" href="images/rdoors.ico">
<title>Login to IBM Engineering Requirements Management DOORS Web Access</title>
<link href="../festival/caf/theme/allCafThemeCSS.css" rel="stylesheet" />
<link href="../festival/caf/allCafMainCSS.css" rel="stylesheet" />
<link href="../festival/css/allCSS.css" rel="stylesheet"></link>
<link href="style.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" href="../tk/dojo/resources/dojo.css" />
<style>
/* Increase font size for languages whose text is difficult to see when rendered at the default text sizes */
</style>
<script>
var dojoConfig = {
locale: "",
parseOnLoad:true,
usePlainJson:true,
packages :[{name:"festival",location:"/dwa/festival"},
{name:"caf",location:"/dwa/festival"}]
};
</script>
<script type="text/javascript" src="/dwa/tk/dojo/dojo.js"></script>
<script type="text/javascript" src="/dwa/tk/dijit/dijit.js"></script>
<script>
function getAuthenticationType()
{
// This function provides the authentication type when a request contains an error.
// Do not change the function name, it must must match the function name invoked via DoorsServer.js.
var authenticationType="USERNAME_PASSWORD";
return authenticationType;
};
function aboutBox()
{
festival.dialog.launcher.showAboutDialog("About DOORS Web Access", "../about.jsp");
};
function htmlHelp()
{
var htmlHelpWindow = window.open('../../dwa-help/index.jsp','_blank');
setTimeout(function(){htmlHelpWindow.focus();}, 500);
};
function visitWebsite()
{
var visitWebsiteWindow = window.open('http://www-01.ibm.com/software/awdtools/doors/webaccess/','_blank');
setTimeout(function(){visitWebsiteWindow.focus();}, 500);
};
function visitSupport()
{
var visitSupportWindow = window.open('http://www-01.ibm.com/software/awdtools/doors/webaccess/support/','_blank');
setTimeout(function(){visitSupportWindow.focus();}, 500);
};
function visitTraining()
{
var visitTrainingWindow = window.open('http://www-01.ibm.com/software/rational/education/','_blank');
setTimeout(function(){visitTrainingWindow.focus();}, 500);
};
var initialHeight;
function panelLayout() {
//maintains the central positioning of the login panel.
var PANEL_HEIGHT = 384;
var PANEL_WIDTH = 570
var BANNER_HEIGHT = 65;
var PANEL_ADJUST = 20;
var viewport = dijit.getViewport();
var viewportHeight = viewport.h;
var viewportWidth = viewport.w;
var panelNode = dojo.byId("loginFormWrapper");
var marginBox = dojo.marginBox(panelNode);
var newPanelTop = 0;
if (PANEL_HEIGHT >= (viewportHeight - BANNER_HEIGHT)) {
//panel height is greater than available space.
} else {
//panel height is less than available space, centre vertically.
var halfViewPort = (viewportHeight - BANNER_HEIGHT) /2;
var halfPanel = PANEL_HEIGHT /2;
var newPanelTop = (halfViewPort - halfPanel) - PANEL_ADJUST;
}
if (PANEL_WIDTH >= viewportWidth) {
// panel is wider than available space.
} else {
var halfViewWidth = viewportWidth / 2;
var halfPanelWidth = PANEL_WIDTH / 2;
var newPanelSide = halfViewWidth - halfPanelWidth;
}
var updatedMarginBox = dojo.marginBox(panelNode,{
t: newPanelTop, l: newPanelSide, h: marginBox.h, w: marginBox.w
});
};
function onPageLoad()
{
//set initial text box focus.
document.loginform.j_username.focus();
panelLayout();
dojo.connect(window, "onresize", function(e){
//adjust the positioning of the central panel
//as the user resizes the browser.
panelLayout();
});
};
</script>
</head>
<body class="loginbody telelogic" onLoad="javascript:onPageLoad()">
<div style="height: 65px"></div>
<div id="loginFormWrapper" class="welcome login-form-wrapper">
<form name="loginform" method="POST"
action="../j_acegi_security_check" method="POST" autocomplete="off">
<table border="0" cellpadding="0" cellspacing="0"
class="doublehomebox formbox" style="margin-top: 40px">
<tr>
<td class="imagebox" align="center"></td>
<td>
<p>
DOORS ERS Repository
</p>
<p>
<label> Username : </label> <br> <input
type="text" style="width: 200px" name="j_username"
tabindex="1" />
</p>
<p>
<label> Password : </label>
<br>
<input type="password" style="width: 200px" name="j_password"
tabindex="2" />
</p>
<table width="100%">
<tr>
<td><button name="loginButton"
title="Login"
type="submit"
alt="Login">
Login
</button>
</td>
<td>
<div class="homeboxsubopen">
<a href="change_password.jsp"
title="Change Password">
Change Password </a>
</div></td>
</tr>
</table> <input type="hidden"
name="dwa_repository_value"
value="urn:rational:ers-5efc6f9a4ff877cf:" />
</td>
</tr>
<tr>
<td colspan="2" class="homeboxdescription errormessage"> </td>
</tr>
</table>
</form>
<div class="login-footer">
<div class="copyright-containment">
<span class="copyright"> Licensed Materials - Property of IBM Corp. © Copyright IBM Corporation 2007, 2020. All Rights Reserved. IBM, the IBM logo, ibm.com, Rational, DOORS and DOORS Web Access are trademarks or registered trademarks of International Business Machines Corporation in many countries worldwide. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates. <!--
Licensed Materials - Property of IBM - some unique copyrights (i.e., the ability to copy, modify,
distribute) may be licensed in certain circumstances (e.g., sample/template code intended to be used by
customers to build upon and distribute as their own products).
%full_filespec:build_version.jsp~3:ascii:VBS#1 %
(c) Copyright IBM Corporation 2009. All Rights Reserved.
U.S. Government Users Restricted Rights: Use, duplication or disclosure restricted by GSA ADP
Schedule Contract with IBM Corp.
-->
Version 9.7.2.0 (Build 97235) </span>
</div>
<img src="/dwa/images/IBM-logo.gif"
style="margin-left: 5px; margin-bottom: 8px" />
</div>
</div>
<!-- centeredPanel -->
</body>
</html>
So, that’s where I stand right now. I know that internally, DWA successfully uses POST http://localhost:8080/dwa/json/doors/node/getAttributes
with a certain set of properties to get the attribute Definitions, which also include the sought-after Enum value. However I can neither seem to use this request from the outside, nor in LYO, and I also don’t know how to construct the properties properly.
Any ideas or insights on whether this approach is promising or impossible?