G_hi3 G_hi3 - 2 months ago 23
HTTP Question

Logging into Content Navigator from external application

I'm trying to access a PluginService on Content Navigator from my Java Application (Event Action Handler in FileNet P8). The application uses the JAXRS logon service to receive the

from the Content Navigator server. However, if I try to call the PluginService I get a response that my login has expired.

I'm able to get the security token, as described in this code block:

URL logonUrl = new URL("http://icn-host:9081/jaxrs/logon"
+ "?userid=user"
+ "&password=password"
+ "&desktop=admin"
+ "&contextPath=%2Fnavigator");
HttpURLConnection logonConnection = (HttpURLConnection)logonUrl.openConnection();
InputStream logonResponse = logonConnection.getInputStream();
String responseText = IOUtils.toString(logonResponse, "UTF-8")
.replaceFirst("^\\{}&&", "");
JSONObject responseJson = JSONObject.parse(responseText);
return (String)responseJson.get("security_token");

But when I try to make another request, I get an error response:

URL requestUrl = new URL("http://icn-host:9081/plugin.do"
+ "?plugin=myPlugin&action=myPluginService&myRequestProps=foobar");
HttpURLConnection requestConnection =
String securityToken = getSecurityToken(); // calls above code
requestConnection.setRequestProperty("security_token", securityToken);
InputStream responseStream = requestConnection.getInputStream();
String responseText = IOUtils.toString(responseStream, "UTF-8")
.replaceFirst("^\\{}&&", "");
log.info("response was: " + responseText);

I always get the following response:

"errors": [
"explanation":"Your session expired because of inactivity.",
"userResponse":"Log in again.",
"text":"Your session expired."

I've also tried to set the cookies, but no success.

java.net.CookieManager cookieManager = new java.net.CookieManager();
Map<String, List<String>> headerFields = logonConnection.getHeaderFields();
List<String> cookiesHeader = headerFields.get("Set-Cookie");
if (cookiesHeader != null) {
for (String cookie : cookiesHeader) {
cookieManager.getCookieStore().add(null, HttpCookie.parse(cookie).get(0));

// ...

StringBuilder cookieHeader = new StringBuilder();
List<HttpCookie> cookies = cookieManager.getCookieStore().getCookies();

for (int i = 0; i < cookies.size(); i++) {
if (i > 0) {

HttpCookie cookie = cookies.get(i);
log.info("Cookie " + i + ": " + cookie.toString());

requestConnection.setRequestProperty("Cookie", cookieHeader.toString());

I tried to replicate the request using XMLHttpRequest in a Content Navigator window and it works as expected:

var xhr = new XMLHttpRequest();
xhr.open("GET", "plugin.do" +
"?plugin=myPlugin" +
"&action=myPluginService" +
xhr.setRequestHeader("security_token", ecm.model.Request._security_token);

Answer Source

I had a similar challenge for a client a few months ago where i had to automate the process of installing plugins and applying configuration for CI purposes.

I discovered it is key to obtain the desktop as the first api call after login for the session to become 'valid'.

So first jaxrs/logon, then jaxrs/getDesktop, then your service invoke.

A little sidenote: If you plan on having container managed authentication later on, the process will be different. The jaxrs/logon won't work, and instead the jaxrs/getDesktop will deliver the security_token.

A little remark though: wouldn't it be a better solution to have a shared library that you'd be able to use both from your Event Action as the ICN service?

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download