User permissions

Reto · October 21, 2015, 2:05pm

Hi All

I’m using DF V2.0-beta3. But I have some troubles to set the correct user rights.

What I did:

I created a new role. I set access (only) to my service (SQL DB) for one component with POST access.
Then I defined a new no storage app and assigned the new role as a default role.
Then I created a new user with a (fake) email address and set the password manually. Under roles for my new app I selected my new role.

But I can’t use the service with this new user.

The error log shows this:

[Wed Oct 21 15:43:57.432136 2015] [:error] [pid 1388:tid 1092] [client xxx.xxx.xxx.xxx:xxxxx] REST Exception #401 > Unauthorized. User credentials did not match.

The access log shows this (first line is the successful call with my admin login, second line is the error):

xxx.xxx.xxx.xxx - xxx@xxx.xx [21/Oct/2015:15:43:53 +0200] "POST /api/v2/xxx/_proc/xxx HTTP/1.1" 200 146
xxx.xxx.xxx.xxx - yyy@xxx.xx [21/Oct/2015:15:43:57 +0200] "POST /api/v2/xxx/_proc/xxx HTTP/1.1" 401 7754

Which configuration did I mess up?

Reto E.

jeffreystables · October 21, 2015, 2:26pm

Have you assigned this user the role you created with respect to the app you created on the Roles tab under that User?

formerstaff · October 21, 2015, 2:27pm

You’ll want to check the dreamfactory log to be sure (it’s in the storage/logs folder, /path/to/bitnami/htdocs/storage/logs if you used a Bitnami installer)

But my first inclination would be to check what call you are making.
Are you establish a session first (posting to /api/v2/user/session) and then using the returned token in your call?

If you can share all of your call to your service that will help troubleshoot (you can use placeholders for sensitive information, i.e. {password} for user’s password)

Reto · November 19, 2015, 2:33pm

Yes. The User has the Role assigned under the correct app.

The Role has access to the Remote SQL DB Service for only the one stored procedure component with POST Access. No other Services are assigned. Are other Services necessary for the authentication?

Reto · November 19, 2015, 2:43pm

I am trying to make the call with basic authentication.

Reto · November 19, 2015, 3:47pm

I just installed Version 2.0.1-1. And now the request with Basic Authentication works like expected. Maybe it was a problem with the BETA or my particular installation of the BETA.

formerstaff · November 19, 2015, 6:22pm

That makes sense. We resolved quite a few bugs between beta 3 and 2.0.1

Topic		Replies	Views
DreamFactory User Considerations Users & Roles	0	1671	November 19, 2015
Typical DF 2.x setup for application access Users & Roles	3	4080	July 15, 2016
Create only One Public API Users & Roles	7	2882	December 21, 2015
User getting 403 response when they shouldn't be Users & Roles	3	2926	December 2, 2015
User Authentication And Authorization for the User Capabilities Users & Roles	1	2219	June 9, 2014

User permissions

Related Topics