All geek questions in one place

Sitecore 7.2 - Web User API User Authentication

I want to restrict the Sitecore web site API to send data only to an authenticated user, and as per the documentation, we need to pass the username and password to the http request header as X-Scitemwebapi-Username and X-Scitemwebapi-Password

To achieve this, I used the code below:

 HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://scapidemo.local/-/item/v1/?sc_itemid={110D559F-DEA5-42EA-9C1C-8A5DF7E70EF9}&sc_database=master"); request.Headers["X-Scitemwebapi-Username"] = "admin"; request.Headers["X-Scitemwebapi-Password"] = "b"; HttpWebResponse response = (HttpWebResponse)request.GetResponse(); Response.Write(String.Format("Content length is {0}", response.ContentLength)); Response.Write(String.Format("Content type is {0}", response.ContentType)); // Get the stream associated with the response. Stream receiveStream = response.GetResponseStream(); // Pipes the stream to a higher level stream reader with the required encoding format. StreamReader readStream = new StreamReader(receiveStream, Encoding.UTF8); Response.Write("<br /> Response stream received. <br />"); Response.Write(readStream.ReadToEnd());

In Sitecore.ItemWebApi.config I added settings for my website as shown below:

 itemwebapi.mode="StandardSecurity" itemwebapi.access="ReadOnly" itemwebapi.allowanonymousaccess="false"/>

Now when I run my application, I get this error:

 {"statusCode":401,"error":{"message":"Access to site is not granted."}}
+6
source share
1 answer

You are transferring a user without the domain to which he belongs. ItemWebAPI does not have a default domain, so every time you make a call, you need to transfer your user as this "domain \ user".

All that is said - try to do it like this:

 request.Headers["X-Scitemwebapi-Username"] = @"sitecore\admin"; request.Headers["X-Scitemwebapi-Password"] = "b";
+6
source

Source: https://habr.com/ru/post/974026/

More articles:


All Articles