Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cannot force api/21/execution/<id> to respone with json #3131

Closed
EugenMayer opened this issue Feb 10, 2018 · 11 comments
Closed

cannot force api/21/execution/<id> to respone with json #3131

EugenMayer opened this issue Feb 10, 2018 · 11 comments

Comments

@EugenMayer
Copy link

Sending a request to api/21/execution/<id> does always respond with XML

I did set : Accept: application/json

image

and the response is always xml

image
@gschueler
Copy link
Member

what is the full request URL?

@EugenMayer
Copy link
Author

api/21/execution/ ?

@gschueler
Copy link
Member

It looks like you are doing it via a web browser. There are a few reasons that might not work:

  • Rundeck by default disables API requests made via a login session that happens in a web browser, to prevent some types of XSS attacks
  • Grails detects the User-Agent, and sometimes responds with a different content type, since web browsers tend to include Accept: */* or similar, Grails overrides that and may force the "default" content type response, which for that API is XML.

See: https://grails.github.io/grails2-doc/2.5.6/guide/theWebLayer.html#contentNegotiation

That's why Grails ignores the accept header by default for browsers.

You can try to override the "content negotiation" if you are using a web browser by using ?format=json in the URL.

this works in CURL: curl -H accept:application/json -H x-rundeck-auth-token:xxx http://ecto1.local:4440/api/21/execution/23233 -> Response is JSON.

But if i set a "user-agent" header:

curl -H "user-agent: Mozilla/5.0  AppleWebKit Safari" -H accept:application/json-H x-rundeck-auth-token:xxx http://ecto1.local:4440/api/21/execution/23233

-> I get XML.

If I add ?format=json, -> I get JSON again

@EugenMayer
Copy link
Author

so i cannot use the ACCEPT header as it works with the rest of the API? I used ACCEPT: application/json

@gschueler
Copy link
Member

not via web browser or with a User-Agent like that

@EugenMayer
Copy link
Author

And you consider that to be NOT a bug?

@gschueler
Copy link
Member

It's definitely a bug

@venkatesh1753
Copy link

venkatesh1753 commented Jan 15, 2020
edited
Loading

@EugenMayer Could you please help me on how to setup an access control policy for rundeck api token?

@EugenMayer
Copy link
Author

https://github.com/EugenMayer/docker-image-rundeck - more specifically https://github.com/EugenMayer/docker-image-rundeck/blob/master/nginx/rundeck.nginx.conf#L11

@venkatesh1753
Copy link

@EugenMayer Thanks for the response.
But we have normal rundeck installation, not docker one.
We gonna do docker as enhancement. is there any other way to setup an access control policy for rundeck api token?
or to create a dynamic token and restrict access to only 1 or 2 projects in rundeck?

@fdevans
Copy link
Contributor

fdevans commented Apr 9, 2020

Seems like the thread went a different direction. If you are still experiencing the original issue on the current version of Rundeck please let us know by opening a new Issue request with version and steps to reproduce. If you are an Enterprise customer our support personnel are ready to help.
Thank you,
The Rundeck Team

@fdevans fdevans closed this as completed Apr 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@gschueler @EugenMayer @fdevans @venkatesh1753