Hello, I have used the sample REST C# code supplied by Safe to create a simple application. The sample code provided can be located here: http://docs.safe.com/fme/html/FME_Server_Documentation/Content/REST/FMEServerRestAPIdemo.cs We have two FME Servers here, one in a test environment, and another for production. I have written my code against the test server, which uses standard security, using user and password managed by FME Server. Everything works fine. However, when I use my code against the second server, which is secured by the Active Directory, I always get error 401, access denied. Is there anyone out there that has used the REST API with Active Directory security? Here is an example of the code I use to fetch a token: private string GetFmeServerToken() { string fmeTokenUrl = this.Serveur + "/fmetoken/service/generate"; NameValueCollection parameters = new NameValueCollection(); parameters["user"] = ; "user"; // tried with and without domain name parameters["password"] = "password"; parameters["expiration"] = "2"; parameters["timeframe"] = "minute"; byte[] reponseBytes; using (WebClient client = new WebClient()) { if (CustomSetting.FmeImpersonationUtilisateur) { client.UseDefaultCredentials = false; client.Credentials = new NetworkCredential("user", "password", "domaine"); } reponseBytes = client.UploadValues(fmeTokenUrl, "POST", parameters); } return Encoding.UTF8.GetString(reponseBytes); } Now, to make matters worst, I need to authenticate with a different user account that the one running my application, meaning I need to impersonate a different account. This code should work, should it not? I tried to not provide the user/password in the named values, which gave me error 400 bad request. I tried without the impersonate code, providing error 401 access denied. No matter what I do, or what I permutated in my code, I can not get anything to work. Thank you Jeff

REST token with Active Directory Securioty

Hello,

I have used the sample REST C# code supplied by Safe to create a simple application. The sample code provided can be located here:

http://docs.safe.com/fme/html/FME_Server_Documentation/Content/REST/FMEServerRestAPIdemo.cs

We have two FME Servers here, one in a test environment, and another for production.

I have written my code against the test server, which uses standard security, using user and password managed by FME Server. Everything works fine.

However, when I use my code against the second server, which is secured by the Active Directory, I always get error 401, access denied.

Is there anyone out there that has used the REST API with Active Directory security?

Here is an example of the code I use to fetch a token:

private string GetFmeServerToken()

{

string fmeTokenUrl = this.Serveur + "/fmetoken/service/generate";

NameValueCollection parameters = new NameValueCollection();

parameterse"user"] = ; "user"; // tried with and without domain name

parameters;"password"] = "password";

parametersa"expiration"] = "2";

parameters�"timeframe"] = "minute";

byte<] reponseBytes;

using (WebClient client = new WebClient())

{

if (CustomSetting.FmeImpersonationUtilisateur)

{

client.UseDefaultCredentials = false;

client.Credentials = new NetworkCredential("user", "password", "domaine");

}

reponseBytes = client.UploadValues(fmeTokenUrl, "POST", parameters);

}

return Encoding.UTF8.GetString(reponseBytes);

}

Now, to make matters worst, I need to authenticate with a different user account that the one running my application, meaning I need to impersonate a different account.

This code should work, should it not? I tried to not provide the user/password in the named values, which gave me error 400 bad request. I tried without the impersonate code, providing error 401 access denied.

No matter what I do, or what I permutated in my code, I can not get anything to work.

Thank you

Jeff

Page 1 / 1

Hi,

sounds like it might be a configuration error on the AD side of things. have you looked in the FME Server logs?

David

Also consider the fmetoken service...

On your production environment can you access <fme url>/fmetoken? Can you log in and create a token with an AD user?

Issue resolved.

First you do not have to impersonate the user, simply feeding the credential into the post query is enough.

Jeff

Reply

Community Stats

Reply

Community Stats

Sign up

An FME Account is required to contribute

Login to the community

An FME Account is required to contribute

Scanning file for viruses.

This file cannot be downloaded