web stats
403 forbidden error on http request - Mirth Community

Go Back   Mirth Community > Mirth Connect > Support

Reply
 
Thread Tools Display Modes
  #1  
Old 11-15-2016, 01:02 AM
Ayanami Ayanami is offline
Mirth Newb
 
Join Date: Dec 2015
Posts: 14
Ayanami is on a distinguished road
Angry 403 forbidden error on http request

Hi, I'm trying to perform an HTTP request to my Mirth Server API through a Rails application, but it always returns Net::HTTPServerException (403 "Forbidden"). I can't understand what is the problem. If I use the same URL and set Content-Type: application/xml in Google's Advanced Rest Client, it works, but from my rails app it returns the above error. The same problems happens if I try to perform a post to authenticate a user in the Mirth API (see code below).

This is the code in my controller:

Code:
@login = HTTParty.post("https://#{server}:#{port}/api/users/_login",
                         {:body => [{"username" => "xxxxxxxx", "password" => "xxxxxxxxxxx"}],                              
                          :headers => { 'Content-Type' => 'application/x-www-form-urlencoded',
                                        'Accept' => 'application/xml'}
                         })

Code:
@response = HTTParty.get("https://#{server}:#{port}/api/server/configurationMap",
                           {:basic_auth => {:username => "xxxxxxxx", :password => "xxxxxxxxxxx"},
                            :headers => { 'Content-Type' => 'application/xml'}
                          })

Can someone please help me? What am I doing wrong?
Thank you in advance!
Reply With Quote
  #2  
Old 11-16-2016, 01:24 AM
Ayanami Ayanami is offline
Mirth Newb
 
Join Date: Dec 2015
Posts: 14
Ayanami is on a distinguished road
Default unknown ssl protocol error in connection to localhost:8444

If I make the requests via rails git bash I get this response:

curl: (35) unknown ssl protocol error in connection to localhost:8444. I believe it is related to the self-signed certificate issued by Mirth Connect. I don't know how to work around this :/

Last edited by Ayanami; 11-16-2016 at 01:31 AM.
Reply With Quote
  #3  
Old 11-16-2016, 02:02 AM
siddharth siddharth is offline
Mirth Guru
 
Join Date: Feb 2013
Posts: 832
siddharth is on a distinguished road
Default

I think you need to pass JSESSION id on your subsequent calls, after you make the login call. You will get it inside the cookies.
There was a conversation on slack and Nick said, the APIs don't use basic digest algorithm. Try it.

Last edited by siddharth; 11-16-2016 at 02:02 AM. Reason: call
Reply With Quote
  #4  
Old 11-16-2016, 06:47 AM
Ayanami Ayanami is offline
Mirth Newb
 
Join Date: Dec 2015
Posts: 14
Ayanami is on a distinguished road
Default

Thanks, I'm going to try that!
Reply With Quote
  #5  
Old 11-16-2016, 07:24 AM
Ayanami Ayanami is offline
Mirth Newb
 
Join Date: Dec 2015
Posts: 14
Ayanami is on a distinguished road
Default

Sorry, but I can't even get to the subsequent calls.

The error happens when I make the login call. I tried to use a different rest client to make the call, but the error "Net::HTTPServerException (403 "Forbidden")" persists. I also added the mirth self-signed certificate to my trusted Root Certification Authorities.

Code:
response = RestClient.post('https://mirth-connect:8444/api/users/_login',
                               {username: "xxxxxx", password: "xxxxxxxx"},
                               {content_type: 'application/x-www-form-urlencoded', accept: 'application/xml'}
                               )

Last edited by Ayanami; 11-16-2016 at 07:27 AM.
Reply With Quote
  #6  
Old 11-16-2016, 07:33 AM
narupley's Avatar
narupley narupley is online now
Mirth Employee
 
Join Date: Oct 2010
Posts: 7,119
narupley is on a distinguished road
Default

Most likely a problem with the HTTP client you're using. If you use curl, you can add the "-k" option to ignore certificate errors. Or better yet, replace the self-signed cert with your own company cert.
__________________
Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

Nicholas Rupley
Work: 949-237-6069
Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.


- How do I foo?
- You just bar.
Reply With Quote
  #7  
Old 11-16-2016, 08:03 AM
Ayanami Ayanami is offline
Mirth Newb
 
Join Date: Dec 2015
Posts: 14
Ayanami is on a distinguished road
Default

I added that option, and it gives the error: "curl (35) unknown ssl protocol error in connection to ...." I will try to replace the certificate.
Reply With Quote
  #8  
Old 11-17-2016, 06:44 AM
Ayanami Ayanami is offline
Mirth Newb
 
Join Date: Dec 2015
Posts: 14
Ayanami is on a distinguished road
Default

I updated my git and curl to the latest revision an know everything works! Thanks for your help
Reply With Quote
Reply

Tags
http, mirth api, rails

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 02:56 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Mirth Corporation