OpenRemote does not authenticate with ZWay

Discussions about RaZberry - Z-Wave board for Raspberry computer
pz1
Posts: 2053
Joined: 08 Apr 2012 13:44

OpenRemote does not authenticate with ZWay

Post by pz1 »

I expected I could just specify ZWay user name/password in the OpenRemote HTTP call specification form, as I have done with several other places that need authentication. Unfortunately this does not work with ZWay. Also typing the url prefixed with the user/password in webbrowser tells me that access is refused.
duwistat.JPG
duwistat.JPG (30.56 KiB) Viewed 10671 times
I am aware of the solution described in the FAQ that uses curl. I don't know how that would work with this OpenRemote configurator.
What am I missing to make it easy for OR users?
taftek
Posts: 8
Joined: 07 Aug 2015 08:44

Re: OpenRemote does not authenticate with ZWay

Post by taftek »

use post instead of get works perfectly!!:)
Attachments
OR pro z-way
OR pro z-way
lampkaor.jpg (25.81 KiB) Viewed 12261 times
pz1
Posts: 2053
Joined: 08 Apr 2012 13:44

Re: OpenRemote does not authenticate with ZWay

Post by pz1 »

taftek wrote:use post instead of get works perfectly!!:)
That is not the problem. I did try both post and get. I do notice that your example does not contain username/password. Similarly a call from the browser in the form

Code: Select all

http://admin:admin@raspberrypi:8083/OpenRemote/SwitchBinaryStatus/9/0
does not work. I do get the warning that IP:8083 does not require authentication.
User avatar
PoltoS
Posts: 7565
Joined: 26 Jan 2011 19:36

Re: OpenRemote does not authenticate with ZWay

Post by PoltoS »

Basic auth user:passwd@host/uri will work from the next release
pz1
Posts: 2053
Joined: 08 Apr 2012 13:44

Re: OpenRemote does not authenticate with ZWay

Post by pz1 »

PoltoS wrote:Basic auth user:passwd@host/uri will work from the next release
Thanks, next relief ;) I feared things were getting complex for OR.
pofs
Posts: 688
Joined: 25 Mar 2011 19:03

Re: OpenRemote does not authenticate with ZWay

Post by pofs »

I'm not really sure about user:passwd@host, but Authorization Basic header will do.
pz1
Posts: 2053
Joined: 08 Apr 2012 13:44

Re: OpenRemote does not authenticate with ZWay

Post by pz1 »

pofs wrote: but Authorization Basic header will do.
Should that work with v2.1.2-rc2, or still a later version?
Since 29-12-2016 I am no longer a moderator for this forum
pofs
Posts: 688
Joined: 25 Mar 2011 19:03

Re: OpenRemote does not authenticate with ZWay

Post by pofs »

pz1 wrote:
pofs wrote: but Authorization Basic header will do.
Should that work with v2.1.2-rc2, or still a later version?
It even worked with 2.1.2-rc1 :)
pz1
Posts: 2053
Joined: 08 Apr 2012 13:44

Re: OpenRemote does not authenticate with ZWay

Post by pz1 »

Then I have a serious problem I am afraid :(

With authentication the standard OpenRemote doesn't seem to do what you call "basic authentication"
note:OpenRemote has shown to be working with other user/pw protected http sources.

OpenRemote log says:

Code: Select all

2015-09-15 19:04:54,938 ERROR [Polling Sensor Thread ID = 248217, Name ='Duwi']: ClientProtocolException when executing HTTP method
org.apache.http.client.HttpResponseException: Forbidden
	at org.apache.http.impl.client.BasicResponseHandler.handleResponse(BasicResponseHandler.java:67)
	at org.apache.http.impl.client.BasicResponseHandler.handleResponse(BasicResponseHandler.java:54)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:735)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:709)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:700)
	at org.openremote.controller.protocol.http.HttpGetCommand.requestURL(Unknown Source)
	at org.openremote.controller.protocol.http.HttpGetCommand.read(Unknown Source)
	at org.openremote.controller.model.sensor.Sensor$DeviceReader.read(Unknown Source)
	at org.openremote.controller.model.sensor.Sensor$DeviceReader.run(Unknown Source)
	at java.lang.Thread.run(Thread.java:745)
I'll also dig a bit in OR forums/docs
pofs
Posts: 688
Joined: 25 Mar 2011 19:03

Re: OpenRemote does not authenticate with ZWay

Post by pofs »

Then check your requests from OR side, probably it uses some other kind of authorization rather than Basic.

Compare my two outputs.

First one is anonymous request:

Code: Select all

MacBook-Air:automation pieceofsummer$ curl -v http://127.0.0.1:8083/ZAutomation/api/v1/devices/OpenWeather_21
> GET /ZAutomation/api/v1/devices/OpenWeather_21 HTTP/1.1
> Host: 127.0.0.1:8083
> User-Agent: curl/7.43.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Content-Type: application/json; charset=utf-8
< X-API-VERSION: 2.0.1
< Date: Tue, 15 Sep 2015 18:30:08 GMT
< Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Type, ETag, X-API-VERSION, Date, Cache-Control, If-None-Match, Content-Language, Accept-Language, ZWAYSession
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
< Connection: close
< Access-Control-Allow-Credentials: true
< Content-Length: 96
< Transfer-Encoding: chunked
< 
{"data":null,"code":404,"message":"404 Not Found","error":"Device OpenWeather_21 doesn't exist"}
Second one is basic auth request:

Code: Select all

MacBook-Air:automation pieceofsummer$ curl -v -u admin:admin http://127.0.0.1:8083/ZAutomation/api/v1/devices/OpenWeather_21
* Server auth using Basic with user 'admin'
> GET /ZAutomation/api/v1/devices/OpenWeather_21 HTTP/1.1
> Host: 127.0.0.1:8083
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.43.0
> Accept: */*
> 
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< X-API-VERSION: 2.0.1
< Date: Tue, 15 Sep 2015 18:29:56 GMT
< Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Type, ETag, X-API-VERSION, Date, Cache-Control, If-None-Match, Content-Language, Accept-Language, ZWAYSession
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
< Connection: close
< Access-Control-Allow-Credentials: true
< Content-Length: 669
< Transfer-Encoding: chunked
< 
{"data":{"creatorId":21,"deviceType":"sensorMultiline","h":-1611286412,"hasHistory":false,"id":"OpenWeather_21","location":0,"metrics":{"scaleTitle":"°C","title":"Kiev","probeTitle":"Temperature","zwaveOpenWeather":{"main":{"temp":289.03,"pressure":1021,"humidity":67,"temp_min":288.15,"temp_max":290.15},"weather":[{"id":800,"main":"Clear","description":"clear sky","icon":"01n"}],"wind":{"speed":3,"deg":130}},"level":15.9,"icon":"http://openweathermap.org/img/w/01n.png","country":"UA","flag":"http://openweathermap.org/images/flags/ua.png"},"permanently_hidden":false,"tags":[],"visibility":true,"updateTime":1442341731},"code":200,"message":"200 OK","error":null}
As you can see, the only difference is Authorization header present in second request, so basic auth actually looks like working ok. Please try the same for your specific url, and compare the output.
Post Reply