[Freeipa-devel] Web services in freeIPA

Petr Vobornik pvoborni at redhat.com
Sat Feb 8 17:16:33 UTC 2014 

On 7.2.2014 10:33, Alexandre Santos wrote:
> Hi Martin,
>
> I´ve tried your example and i get this error:
>
> curl -v  \
>           -H "Content-Type:application/json" \
>           -H "Accept:applicaton/json"\
>           --negotiate -u : \
>           --delegation always \
>           --cacert /etc/ipa/ca.crt  \
>           -d  '{"method":"user_find","params":[[""],{}],"id":0}' \
>           -X POST https://ipa/ipa/json


Just add
	-H "Referer: https://ipa/ipa/json" \

FreeIPA server checks the referer to prevent CSRF.

>
> ...
>
>  > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7
> NSS/3.13.6.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
>  > Host: pi
>  > Content-Type:application/json
>  > Accept:applicaton/json
>  > Content-Length: 48
>  >
> < HTTP/1.1 200 Success
> < Date: Thu, 06 Feb 2014 16:42:26 GMT
> < Server: Apache/2.2.15 (CentOS)
> < Connection: close
> < Transfer-Encoding: chunked
> < Content-Type: application/json; charset=utf-8
> <
> {
>      "error": {
>          "code": 911,
>          "message": "Missing or invalid HTTP Referer, missing",
>          "name": {
>              "__base64__": "UmVmZXJlckVycm9y"
>          }
>      },
>      "id": null,
>      "principal": “admin at ipa",
>      "result": null,
>      "version": "3.0.0"
> * Closing connection #0
>
>
> Any suggestion?
>
> Alexandre Santos
>
> On 06 Feb 2014, at 15:12, Martin Kosek <mkosek at redhat.com
> <mailto:mkosek at redhat.com>> wrote:
>
>> As Petr said, we do not have a proper documentation for using RPC for
>> controlling IPA. But I think you can start with looking at [1] to see the
>> template and try running our commands with "-vv" which will show you
>> how we
>> call the API:
>>
>> $ ipa -vv user-show admin
>>
>> Martin
>>
>> [1]
>> http://adam.younglogic.com/2010/07/talking-to-freeipa-json-web-api-via-curl/
>>
>> On 02/06/2014 04:04 PM, Alexandre Santos wrote:
>>>
>>> Is there any examples that can guide me.
>>>
>>> Thanks
>>> Alexandre Santos
>>>
>>> On 06 Feb 2014, at 14:33, Petr Vobornik <pvoborni at redhat.com
>>> <mailto:pvoborni at redhat.com>> wrote:
>>>
>>>> On 6.2.2014 15:22, Alexandre Santos wrote:
>>>>> Hi,
>>>>>
>>>>> I´m starting in freeIPA and I would like to know what web apps are
>>>>> available for use, like create user, delete user and so on. I´ve
>>>>> seen that when i use the command "ipa -vv user-add” a url for the
>>>>> app if given.
>>>>>
>>>>> I would like to know if there is any information about that.
>>>>>
>>>>> Thanks
>>>>>
>>>>> Alexandre Santos
>>>>>
>>>>
>>>> The url you saw is most-likely for XML RPC API.
>>>>
>>>> You can check:
>>>>
>>>> https://hostname/ipa/xml - XML RPC API
>>>> https://hostname/ipa/json - JSON RPC API
>>>> https://hostname/ipa/session/xml XML RPC API with session support
>>>> https://hostname/ipa/session/json JSON RPC API with session support
>>>> https://hostname/ipa/ui - Web UI
>>>> https://hostname/ipa/config/unauthorized.html - some config and
>>>> error pages
>>>>
>>>> We don't have docs for the APIs yet.
>>>> --
>>>> Petr Vobornik
>>>
>>
>


-- 
Petr Vobornik

More information about the Freeipa-devel mailing list