I have script to do API automation by fetching data from CSV file and comparing JSON response with the data in CSV file in POSTMAN. I have 12 scenarios/ iterations to verify and each scenario sends more than 20 data picking from CSV file and from JSON response compared more than 10 data. Everything is working fine.
Now Security feature implemented in code, so I have to send the request and Automate the script with ID/PWD. So I used NTML authentication with ID and PWD.
When I run the script with runner, initial two iteration gives perfect response and script passed, then from 3rd iteration all script failed and not getting response. In response it says Data unavailable when I checked in postman console it shows below details.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>
What could be the reason and any solution to solve this.
Screen short
Used NTLM Authentication [BETA] authorization option with ID/PWD
Here are the details for pass scenario
Request Headers:
content-type:"application/json"
cache-control:"no-cache"
user-agent:"PostmanRuntime/7.1.5"
accept:"*/*"
host:"xxxxxx"
accept-encoding:"gzip, deflate"
content-length:599
authorization:"NTLM TlRMTVNTUAADAAAAGAAYAFIAAAAYABgAagAAAAAAAABIAAAACgAKAEgAAAAAAAAAUgAAAAAAAACCAAAABYKIogUBKAoAAAAPUAAzAFcATABJAPxv7ESeMEwAAAAAAAAAAAAAAAAAAAAAAHZECYztsK+qnjG5K0DvDIPzQ09CFXWo0Q=="
Request Body:
Response Headers:
transfer-encoding:"chunked"
content-type:"application/json; charset=utf-8"
location:"xxxxxx/api/rate/zzz"
server:"Kestrel"
persistent-auth:"true"
date:"Wed, 06 Jun 2018 13:40:05 GMT"
Response Body:
rate:5
retailRateAttributes:
error:null
Here are the details of Failed scenario
Request Headers:
content-type:"application/json"
cache-control:"no-cache"
authorization:"NTLM TlRMTVNTUAADAAAAGAAYAFIAAAAYABgAagAAAAAAAABIAAAACgAKAEgAAAAAAAAAUgAAAAAAAACCAAAABYKIogUBKAoAAAAPUAAzAFcATABJAPxv7ESeMEwAAAAAAAAAAAAAAAAAAAAAAHZECYztsK+qnjG5K0DvDIPzQ09CFXWo0Q=="
user-agent:"PostmanRuntime/7.1.5"
accept:"*/*"
host:""xxxxxx""
accept-encoding:"gzip, deflate"
content-length:599
Request Body:
Response Headers:
content-type:"text/html"
server:"Microsoft-IIS/10.0"
www-authenticate:
0:"Negotiate"
1:"NTLM"
date:"Wed, 06 Jun 2018 13:40:05 GMT"
content-length:"1293"
Response Body:
While Postman errors are not the most descriptive, this error typically occurs because your API endpoint does not exist. You may want to check that you are correctly calling the appropriate endpoint
You say that the two first iterations work fine but when you get to the third iteration, get the error. That sounds like the auth/token/session expired.
I got the Postman error message
JSONError: Unexpected token '<' at 1:1<!doctype html>^ today.
I realized that the problem (in my case) was that I tried to access an API that
I had written myself, but forgotten to upload. - Thus, I tried to call an API
that did not exist. (!)
As soon as I uploaded the API, the error went away.
Related
I have a process that fails on the first task because of data validation. I want the task to fail. My problem is that when I start the Camunda process with the REST API I receive an HTML page produced by the underlying Tomcat. How can I get a comprehensive JSON response from the API instead of an HTML ?
I'm running Camunda CE 7.9.
I'm deploying a spring boot war on the Camunda Tomcat provided by Camunda.
Response:
<!doctype html>
<html lang="fr">
<head>
<title>État HTTP 500 – Internal Server Error</title>
<style type="text/css">
[...]
</style>
</head>
<body>
<h1>État HTTP 500 – Internal Server Error</h1>
<hr class="line" />
<p><b>Type</b> Rapport d''exception</p>
<p><b>message</b> company.service.RestException: message: Agent XXX not found</p>
<p><b>description</b> Le serveur a rencontré une erreur interne qui l''a empêché de satisfaire la requête.</p>
<p><b>exception</b></p>
<pre>org.jboss.resteasy.spi.UnhandledException: company.service.RestException: message: Agent XXX not found
[...]
Thank you
You were most likely using the wrong endpoint URL.
I am trying to embed an AWS Quicksight dashboard into our application but I am having some trouble with the embed process. The URL has been generated correctly and but I get a permission denied error when I attempt to embed it.
I am able to load the generated URL directly in a new tab but when I attempt to embed it I get a 401 error.
I have whitelisted the domain in the Quicksight console and am accessing the page over HTTPS. The complete test page is shown below.
The following code is what I am using to test embedding. It was taken from an Amazon example.
<!DOCTYPE html>
<html>
<head>
<title>My Dashboard</title>
<script src="https://unpkg.com/amazon-quicksight-embedding-sdk/dist/quicksight-embedding-js-sdk.min.js" ></script>
<script type="text/javascript">
function embedDashboard() {
var containerDiv = document.getElementById("dashboardContainer");
var params = {
url: "<link that works in a standalone browser tab>",
container: containerDiv,
parameters: {
},
height: "700px",
width: "1000px"
};
var dashboard = QuickSightEmbedding.embedDashboard(params);
dashboard.on('error', function(err) {console.log('dashboard error:', err)});
dashboard.on('load', function() {});
}
</script>
</head>
<body onload="embedDashboard()">
<div id="dashboardContainer"></div>
</body>
</html>
Amazon sends a 302, followed by a 401. Which results in a frame with the error message "We can't display this page (Not Authorized).
The first request in the image fetches a fresh link from the server and the subsequent two are the framing attempt.
I would expect that if something was wrong with my authorization then a loading the link in it's own tab would not work. I think the issue must be with the frame but don't know what other options to check beyond the whitelist.
Does anyone have any idea what else I can try?
This is a single script.php only to load data.
<!doctype html>
<html>
<head>
<meta charset="UTF-8">
<title>TEST</title>
</head>
<body>
<div id="location">
<script src="https://maps.googleapis.com/maps/api/geocode/json?latlng=42.149247222222,24.752305555556&key=My-enabled-key-here">
</script>
</div>
</body>
</html>
In Mac Safari I get I get `SyntaxError: Unexpected token ':'. Parse error.
Several data is loaded I see it in Safari debugger starting in:
but I cannot use it because of that error message.
In Chrome and Opera I get Cross-Origin Read Blocking (CORB) blocked cross-origin response with MIME type application/json.
Reading some old questions I added
<?php header('Access-Control-Allow-Origin: http://example.com') ?>
and then replaced by
<?php header('Access-Control-Allow-Origin: *') ?>
as the first line but nothing changed.
From Google side: Key restrictions
-> Application restrictions: none.
-> API restrictions: yes (key is accepted for 4 APIs, one of them is Geocoding API
What's wrong here?
Since you are making a Geocoding web service request in the client-side (front-end) that's why you are getting the Cross-origin blocking error (CORB). Web service requests are meant to be executed server side.
Note that if you intend to use Geocoding in client-side, the JavaScript API has a Geocoding Service (which prevents the CORB issue). Please refer to this guide: https://developers.google.com/maps/documentation/javascript/geocoding
Hope this helps!
Was using caldav to access icloud calendar, it was working fine. Today, all the requests in my postman collection started to get 401 from caldav.icloud.com
I am accessing my own personal account to test, double checked my password hundred times, still not working.
Request:
PROPFIND / HTTP/1.1
Host: caldav.icloud.com
Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Content-Type: application/xml
Cache-Control: no-cache
Postman-Token: 39b27b44-0a6f-b351-540f-f9446df618d0
<propfind xmlns='DAV:'>
<prop>
<current-user-principal/>
</prop>
</propfind>
Response was:
401 unauthorized
Header:
Connection →keep-alive
Content-Length →141
Content-Type →text/html;charset=utf-8
Date →Fri, 30 Jun 2017 14:23:34 GMT
Server →AppleHttpServer/2f080fc0
Strict-Transport-Security →max-age=31536000; includeSubDomains
WWW-Authenticate →x-mobileme-authtoken realm="MMCalDav", basic realm="MMCalDav"
X-Apple-Request-UUID →95e3a459-10b1-4d0a-a3ae-73f29b569481
X-Responding-Server →caldav:44101701:pv38p41ic-ztdg01080801:8001:17D70:375f9f89bf
X-Transaction-Id →95e3a459-10b1-4d0a-a3ae-73f29b569481
access-control-expose-headers →X-Apple-Request-UUID, Via
via →icloudedge:br30p01ic-zteu01122201:7401:17D30:Berlin
Body:
<html>
<head>
<title>Unauthorized</title>
</head>
<body>
<h1>Unauthorized</h1>
<p>You are not authorized to access this resource.</p>
</body>
</html>
Any ideas?
You cannot do a 3rd party login into iCloud with your regular login/password anymore (DAV, IMAP, etc). Since June 15, 2017 you need an "App specific password".
This page describes how to generate one: Using app-specific passwords. From that page:
Sign in to your Apple ID account page.
In the Security section, click Generate Password below App-Specific Passwords.
Follow the steps on your screen.
I am trying to download an XML file from the Eurostat website but I am having trouble using urllib in Python to do it. Somehow when I use my regular Chrome browser it's able to make the HTTP request and the website will generate an XML file, but when I try to do the same thing in python I get a server error. This is the code I am using:
import urllib
from xml.etree import ElementTree as ET
response = urllib.urlopen("http://ec.europa.eu/eurostat/SDMX/diss-web/rest/data/lfsq_egais/Q.T.Y_GE15.EMP..NL")
result = response.read()
print result
I have tried using urllib.urlretrieve too and that didn't work either. Any reason why this might be happening? The HTML I get back is as follows:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN">
<HTML>
<HEAD>
<TITLE>Error 500--Internal Server Error</TITLE>
<META NAME="GENERATOR" CONTENT="WebLogic Server">
</HEAD>
<BODY bgcolor="white">
<FONT FACE=Helvetica><BR CLEAR=all>
<TABLE border=0 cellspacing=5><TR><TD><BR CLEAR=all>
<FONT FACE="Helvetica" COLOR="black" SIZE="3"><H2>Error 500--Internal Server Error</H2>
</FONT></TD></TR>
</TABLE>
<TABLE border=0 width=100% cellpadding=10><TR><TD VALIGN=top WIDTH=100% BGCOLOR=white><FONT FACE="Courier New"><FONT FACE="Helvetica" SIZE="3"><H3>From RFC 2068 <i>Hypertext Transfer Protocol -- HTTP/1.1</i>:</H3>
</FONT><FONT FACE="Helvetica" SIZE="3"><H4>10.5.1 500 Internal Server Error</H4>
</FONT><P><FONT FACE="Courier New">The server encountered an unexpected condition which prevented it from fulfilling the request.</FONT></P>
</FONT></TD></TR>
</TABLE>
</BODY>
</HTML>
This question is a few months old now, but better late than never:
The Eurostat REST API you are talking is supposed to respond with XML content, which urllib is not expecting/allowing by default. The solution is to add a header Accept: application/xml to the request.
This will do the trick in Python 2.7 (using urllib2 by the way):
import urllib2
req = urllib2.Request("http://ec.europa.eu/eurostat/SDMX/diss-web/rest/data/"
"lfsq_egais/Q.T.Y_GE15.EMP..NL")
req.add_header("Accept", "application/xml")
response = urllib2.urlopen(req)
print response.read()
See urllib2 docs for more info and examples.