[APPM-1199] Not possible to retrieve App details using store APIs Created: 18/Dec/15  Updated: 21/Dec/15  Resolved: 21/Dec/15

Status: Resolved
Project: ZZZ-WSO2 App Manager
Component/s: None
Affects Version/s: 1.1.0
Fix Version/s: 1.1.0

Type: Bug Priority: High
Reporter: Asanthi Kulasinghe Assignee: Dinusha Dilrukshi
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

All datasources pointed to MySQL
JDK 1.7
Ubuntu 13.04

Severity: Major
Estimated Complexity: Moderate
Test cases added: Yes


It is not possible to retrieve App details by invoking the following API as [er [1].









Instead an html page is retrieved

[1] https://docs.wso2.com/display/APPM100/Store+APIs

kaushie@kaushie-ThinkPad-T530:~$ curl -k -X GET "http://localhost:9766/store/apis/v1/assets/webapp/admin123/aaa/1.0.0" --user admin123:admin123
curl: /usr/local/lib/libldap_r-2.4.so.2: no version information available (required by /usr/lib/x86_64-linux-gnu/libcurl.so.4)
curl: /usr/local/lib/liblber-2.4.so.2: no version information available (required by /usr/lib/x86_64-linux-gnu/libcurl.so.4)
<!DOCTYPE html>
<style type="text/css">
	background-color: #999;
	margin: 0px;

.header-back {
    background: url("/store/extensions/assets/webapp/themes/store/img/repeat.jpg") repeat-x scroll left top transparent;
    height: 85px;

.logo {
    height: 27px;
    width: 171px;
    padding-left: 200px;
    padding-top: 30px;

.main-login-container {
    background-color: #ccc;
    box-shadow: 7px 7px 5px 0 rgba(50, 50, 50, 0.75);
    margin-bottom: 20px;
    margin-right: auto;
    margin-left: auto;
    margin-top: 20px;
    height: 300px;
    width: 1000px;
    padding: 20px;

 <link rel="stylesheet" type="text/css" href="styles.css">
 <script type="text/javascript">

 function onButtonLogoutClick(){

<body class="background">

<div class="header-back">
		<div class="logo">
			<img src="/store/extensions/assets/webapp/themes/store/img/appm_logo.png">

<div class="main-login-container">
	<button style="float:right" onclick="onButtonLogoutClick()">Logout</button>
	<h2>No Privileges to access this tenant domain</h2>
	<div class="message">You do not have permission to login to this particular tenant domain.Please register.</div>


Comment by Dinusha Dilrukshi [ 21/Dec/15 ]

Fixed with https://github.com/wso2/product-app-manager/commit/bce1407f10ade0d0437f49011bf264803819c68e and https://github.com/wso2/carbon-appmgt/commit/568dddeabf92bb0ca79cb468c4093f007af03412.

We have a issue in supporting basic auth security for APIs in tenant mode due to the discussion in dev@wso2.com : "Does "securityConstraints" provided in jaggery.conf works for tenant users".

Anyway for the backward compatibility reasons we have kept user:paswword support for this API in super tenant mode as it is. In addtion to that we have added cookie base authentication which will work in all environments and which provides consistency across all APIs that exposed in AppM.

sample invocation:
[1] login and get a a cookie
curl -c cookies -H "Content-Type: application/json" -X POST -d '


' http://localhost:9763/store/apis/user/login
[2] Invoke API by passing previous cookie

curl -b cookies -X GET "http://localhost:9763/store/apis/v1/assets/webapp/dinusha-AT-t2.com/App2/1.0.0"

Generated at Wed Sep 23 15:53:50 PDT 2020 using JIRA 7.2.2#72004-sha1:9d5132893cc8c728a3601a9034a1f8547ef5c7be.