Cannot authenticate to JIRA 5.1.8 using RESTful API using curl command

I have got 'Login Failed' Error when I try to connect to JIRA 5.1.8 using REST API.

$ curl -X POST -H "Content-Type: application/json" -d '{"username" : "APP_USERNAME"
, "password" : "APP_PASSWORD"}' https://jira.company.com/rest/auth/1/session

{"errorMessages":["Login failed"],"errors":{}}


JIRA URL (https://jira.company.com) which has SITEMINDER Integration and /rest is the unprotected URL in siteminder, I should be able to access JIRA directly using curl command.

My username and password are correct and can able to login successfully through JIRA Interface.

I tried this command in JIRA Development Instance which does not have siteminder integration, I got the response.

$ curl -X POST -H "Content-Type: application/json" -d '{"username" : "APP_USERNAME"
, "password" : "APP_PASSWORD"}' http://localhost:8080/rest/auth/1/session

{"session":{"name":"JSESSIONID","value":"6B18FEEA03A8A73F627BD113432F7932"},"log
inInfo":{"loginCount":100,"previousLoginTime":"2013-02-19T08:31:24.221-0600"}}

Why it is not working in the environment which has siteminder integration ? Do I need to provide any other valid information to the curl command ?


3 answers

Hi Alagu,

Can you try the following cURL command instead:

curl -u admin:admin -b cookie_jar -c cookie_jar -X GET http://localhost:8080/jira/rest/auth/latest/session

I hope that this will help.

Thanks.

$ curl -u username:password -b cookie_jar -c cookie_jar -X GET "https://jira.ce
rt.sabre.com/rest/auth/latest/session"

Got UnAuthorised(401) Error.

$ curl -u username:password -b cookie_jar -c cookie_jar -X GET "https://jira.ce
rt.sabre.com/jira/rest/auth/latest/session"
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="/lp/login.html?TYPE=33554432&amp;REALMOID=06-
00089580-ace5-1cf6-873c-6c250ad110b5&amp;GUID=&amp;SMAUTHREASON=0&amp;METHOD=GET
&amp;SMAGENTNAME=-SM-M2K6VHzzR8Xa69%2bL%2fckVtkEm5JP6%2fD0s1iFFzzt3ST3LWdEhlZHfZ
SvjMdM6aIoK&amp;TARGET=-SM-http%3a%2f%2fjira%2ecert%2esabre%2ecom%2fjira%2frest%
2fauth%2f1%2fsession">here</a>.</p>
</body></html>

Here I didnt get the session resonse.

NOTE: The website https://jira.cert.sabre.com has SiteMinder Integration.

$ curl -X POST -i -H "Accept: application/json" -H "Content-Type: application/j
son" -d '{"username":"APP_USERNAME","password":"APP_PASSWORD"}' https://jira.cert.sabre
.com/rest/auth/1/session
HTTP/1.1 401 Unauthorized
Date: Fri, 22 Feb 2013 07:13:53 GMT
Server: Apache
X-AREQUESTID: 73x30476x1
Set-Cookie: atlassian.xsrf.token=AE0B-V25N-QYAS-MPMR|1bf6ed3ee0ab1c66df5e11400ea
f8d71ad16b021|lout; Path=/
X-AUSERNAME: anonymous
X-Seraph-LoginReason: AUTHENTICATED_FAILED
WWW-Authenticate: JIRA REST POST
WWW-Authenticate: OAuth realm="https%3A%2F%2Fjira.cert.sabre.com"
Content-Length: 46
Content-Type: application/json;charset=UTF-8

{"errorMessages":["Login failed"],"errors":{}}

Can you please let me know why I am getting this error, even I can able to login through JIRA Interface. Here X-AUSERNAME is mentioned as Anonymous.

Hi Alagu,

Since you have SiteMinder integrated with JIRA, most likely you are getting the error code 401 (unauthorized) because the REST request needs to go through SiteMinder first.

Hence in order to try if you can authenticate to JIRA using REST, then I believe that you will have to bypass the SiteMinder, and test the cURL command again.

One way to test this is to deploy a test JIRA installation without SiteMinder integration, and try to run the command again.

Cheers!

Hi, Thank you for your response !

/rest is the unprotected URL in Siteminder , so it is out of sideminder's SSO scope.

But when I see the error, Path is / which is a protected URL in siteminder.

Set-Cookie: atlassian.xsrf.token=AE0B-V25N-QYAS-MPMR|1bf6ed3ee0ab1c66df5e11400ea
f8d71ad16b021|lout; Path=/

I am trying to access /rest, but the error which i got is for the path /

Please suggest.

  1. Build a string of the form username:password
  2. Base64 encode the string
  3. Supply an "Authorization" header with content "Basic " followed by the encoded string. For example, the string "fred:fred" encodes to "ZnJlZDpmcmVk" in base64, so you would make the request as follows.
curl -D- -X GET -H "Authorization: Basic ZnJlZDpmcmVk" -H "Content-Type: application/json" "http://kelpie9:8081/rest/api/2/issue/QA-31"

Even I am facing same issue when using REST API for Basic Authentication. Here is curl command:

curl -D- -X GET -H "Authorization: Basic base64encodeduser:pass" -H "Content-Type: application/json" "https://hostname.com/jira/rest/api/2/issue/createmeta"

I also tested with "Postman" google chrome app for auth verification. But not successful.

This is Authentication denied header of response.

X-Seraph-LoginReason → AUTHENTICATION_DENIED

How can I find, whether this particular server allows basic authentication or not?

I am writing some application to produce some custom report with all open issues in JIRA. But, authentication itself not successful.

This is what I found in regards to the message below.

X-Seraph-LoginReason → AUTHENTICATION_DENIED

This was getting thrown because the CAPTCHA was getting triggered after failed login attempts.

To fix it I went to the application and logged in manually with the account we are using for the API. This caused the CAPTCHA to come up and once logging in successfully the error went away.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Monday in Jira Software

How large do you think Jira Software can grow?

Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...

696 views 6 13
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you