We're updating the issue view to help you get more done. 

Access denied error (401) calling REST API methods

Description

I was able to authenticate to the REST service and call getUserID, but when calling other methods such as getItem or getObjectRepresentations, I got a 401 Access denied error.

I found that ca_users.canAccess(...) was returning false because there was no user ID. There was no user ID because the AppController constructor sets 'no_authentication' to 'true'. In this case, RequestHTTP simply creates a new ca_users object without authenticating, hence no user ID.

Changing the 'no_authentication' option to 'false' fixes the issue for me, and I'm able to call the other REST API methods.

Environment

Centos 5.5, PHP 5.1.6

Assignee

User known

Reporter

Mark Chung

Labels

None

Components

Affects versions

Priority

Major
Configure