HTTP Put request works using Sun Jersey Client 1.19, but same request is not using SoapUI or Postman
Question
I have a server that provides REST webservice to edit users data on the server's DB, the company that developed the webservice provided a sample client that uses com.sun.jersey.api.client , below is the sample code:
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.config.ClientConfig;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter;
import com.sun.jersey.api.client.filter.LoggingFilter;
import com.sun.jersey.api.representation.Form;
import java.util.Properties;
public class entryClass {
private static Client client;
private static ClientConfig config;
private static String truststoreFileName = "C:\\trust.jks";
private static String truststorePassword = "123456";
private static String username = "mahmoud";
private static String password = "Avaya123$";
private static String uri = "https://avaya-smgr01.atcom.ae/web/mgmtwebservice";
private final static String entityType = "user";
private final static String entityXmlData = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><delta:deltaUserList xmlns:delta=\"http://xml.avaya.com/schema/deltaImport\" xmlns:ns3=\"http://xml.avaya.com/schema/import_sessionmanager\" xmlns:ns4=\"http://xml.avaya.com/schema/import_csm_b5800\" xmlns:ns5=\"http://xml.avaya.com/schema/import_csm_mm\" xmlns:ns6=\"http://xml.avaya.com/schema/import_csm_cm\" xmlns:ns7=\"http://xml.avaya.com/schema/import_csm_agent\" xmlns:ns8=\"http://xml.avaya.com/schema/import\" xmlns:tns=\"http://xml.avaya.com/schema/import\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemaLocation=\"http://xml.avaya.com/schema/deltaImport userdeltaimport.xsd\"><delta:userDelta><loginName>ghaith@atcom.ae</loginName><commProfileSet><commProfileSetName>Primary</commProfileSetName><isPrimary>true</isPrimary><commProfileList><commProfile xmlns:ns9=\"http://xml.avaya.com/schema/import_csm_cm\" xsi:type=\"ns9:xmlStationProfile\"><commProfileType>CM</commProfileType><ns9:cmName>AVAYA-CM</ns9:cmName><ns9:useExistingExtension>true</ns9:useExistingExtension><ns9:extension>727</ns9:extension><ns9:cor>55</ns9:cor></commProfile></commProfileList></commProfileSet></delta:userDelta></delta:deltaUserList>";
private final static String updateType = "merge";
public static void main(String[] args) {
Properties properties = System.getProperties();
properties.put("javax.net.ssl.trustStore", truststoreFileName);
properties.put("javax.net.ssl.trustStorePassword", truststorePassword);
config = new DefaultClientConfig();
client = Client.create(config);
client.addFilter(new LoggingFilter(System.out));
client.addFilter(new HTTPBasicAuthFilter(username, password));
final Form form = new Form();
form.add("entityType", entityType);
form.add("entityXMLData", entityXmlData);
form.add("updateMode", updateType);
client.resource(uri).put(String.class, form);
}
}
Running the above code gives the following output:
1 * Client out-bound request
1 > PUT https://avaya-smgr01.atcom.ae/web/mgmtwebservice
1 > Authorization: Basic bWFobW91ZDpBdmF5YTEyMyQ=
updateMode=merge&entityType=user&entityXMLData=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22UTF-8%22%3F%3E%3Cdelta%3AdeltaUserList+xmlns%3Adelta%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2FdeltaImport%22+xmlns%3Ans3%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2Fimport_sessionmanager%22+xmlns%3Ans4%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2Fimport_csm_b5800%22+xmlns%3Ans5%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2Fimport_csm_mm%22+xmlns%3Ans6%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2Fimport_csm_cm%22+xmlns%3Ans7%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2Fimport_csm_agent%22+xmlns%3Ans8%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2Fimport%22+xmlns%3Atns%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2Fimport%22+xmlns%3Axsi%3D%22http%3A%2F%2Fwww.w3.org%2F2001%2FXMLSchema-instance%22+xsi%3AschemaLocation%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2FdeltaImport+userdeltaimport.xsd%22%3E%3Cdelta%3AuserDelta%3E%3CloginName%3Eghaith%40atcom.ae%3C%2FloginName%3E%3CcommProfileSet%3E%3CcommProfileSetName%3EPrimary%3C%2FcommProfileSetName%3E%3CisPrimary%3Etrue%3C%2FisPrimary%3E%3CcommProfileList%3E%3CcommProfile+xmlns%3Ans9%3D%22http%3A%2F%2Fxml.avaya.com%2Fschema%2Fimport_csm_cm%22+xsi%3Atype%3D%22ns9%3AxmlStationProfile%22%3E%3CcommProfileType%3ECM%3C%2FcommProfileType%3E%3Cns9%3AcmName%3EAVAYA-CM%3C%2Fns9%3AcmName%3E%3Cns9%3AuseExistingExtension%3Etrue%3C%2Fns9%3AuseExistingExtension%3E%3Cns9%3Aextension%3E727%3C%2Fns9%3Aextension%3E%3Cns9%3Acor%3E55%3C%2Fns9%3Acor%3E%3C%2FcommProfile%3E%3C%2FcommProfileList%3E%3C%2FcommProfileSet%3E%3C%2Fdelta%3AuserDelta%3E%3C%2Fdelta%3AdeltaUserList%3E
1 * Client in-bound response
1 < 200
1 < Cache-Control: no-cache, no-store, must-revalidate
1 < Connection: keep-alive
1 < Set-Cookie: avaya-smgr01.atcom.ae=1gFtZiuD53fAwbKWNBCTjBl2PWFuZ4_FwiiE0Oo535NMf70FsGdJp-2pC2kUcn8C*AAJTSQACMDE.*; path=/; secure; HttpOnly
1 < Set-Cookie: JSESSIONID=DmYwtUKB18qGIWfAlEmQcK5D1-NNgPmOHiO95SmJ.avaya-smgr01; path=/web; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:00 GMT
1 < Pragma: no-cache
1 < Expires: 0
1 < Content-Length: 104
1 < X-XSS-Protection: 1; mode=block
1 < Date: Sat, 28 Dec 2019 08:38:19 GMT
1 < Content-Type: application/xml
1 <
Operation=Update User, LoginId: mahmoud, Action: Update, merge, Object=ghaith@atcom.ae, Status: Success
I'm trying to reproduce the same request on SoapUI or Postman, but the server keeps giving forbidden 403.
what i understand from the code is:
- request requires Basic HTTP Authentication
- request is sent over HTTPS so there must be a trust store that contains the service CA
- Jersey will encode the request to URL encoded request and use the values as request parameters in the URI like so:
https://avaya-smgr01.atcom.ae/web/mgmtwebservice?updateMode=merge&entityType=user&entityXMLData=%3C%3Fxml+version%3D%22.......%3E
I've tried calling the URL with the encoded format using postman and soapui and set up basic HTTP authentication and disabled URL formatting on both, but still the server is responding with forbidden 403. Also tried to to let SoapUI and Postman to encode the request but still gives the same error
Can someone tell me what am I missing ?
1 answers
solution1
0 ACCPTED 2019-12-28 16:34:10
HTTP PUT 请求应该具有在正文中指定的值,而不是在 URL 的查询参数中。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
PATCH request using Jersey Client
How to do HTTP POST request with queryParam using Jersey 2.26 client?
Jersey http client: put request with custom Content-Length
Web Client PUT request returns 403 but Postman request does not - Jersey REST API on Glassfish
Writing a POST request using a jersey client
Get an OuputStream to a request body using Jersey Client?
Using the jersey client to do a POST operation with request params and a request body
HTTP 403 Forbidden Jersey on Put Request
Get status for a PUT request on Jersey client
How to log Jersey client request when using Apache client
Related Tags