Did the authentication process change via the rest-API?
After updating cmdbuild from 3.1.1 to 3.2 I’m now unable to make authentications.
The web service manual 3.2 did not help me to solve this issue.
At this stage, I’m able to authenticate using Postman (and without actually generating an auth key).
But when using the request python library I’m not, receiving the message: { "success":false,"messages":[{"level":"ERROR","show_user":false,"message":"org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource"}]}
To add some detail: POST /cmdbuild/services/rest/v3/sessions?scope=service
returns the expeced data format. The sessionId is expected to be in the field _id which is statically ‘current’.
As a work around I log in with v2 of the API and use this sessionId instead.
Hi,
due to security issues a new parameter in the Session endpoint has been added to avoid returning the session id. The query parameter is returnId and its default is false, if you pass it in the request with a true value the _id field will be correctly displayed in the response.