API+Authentication not working

Forum for questions and support relating to the 1.30.x releases only.
Post Reply
clueo8
Posts: 5
Joined: Tue Mar 10, 2015 10:47 am

API+Authentication not working

Post by clueo8 » Thu Mar 02, 2017 3:06 am

I have ZM v1.30.2 installed via apt (http://ppa.launchpad.net/iconnor/zoneminder/ubuntu) on Ubuntu 14.04. I'm trying to get the zm API working with OPT_USE_AUTH enabled. The API page is green so that part is okay. If I disable OPT_USE_AUTH, /zm/api/host/getVersion.json works fine. With OPT_USE_AUTH enabled, I get "Not Authenticated":

Code: Select all

{ "success": false, "data": { "name": "Not Authenticated", "message": "Not Authenticated", "url": "\/zm\/api\/host\/getVersion.json", "exception": { "class": "UnauthorizedException", "code": 401, "message": "Not Authenticated", "trace": [ "#0 [internal function]: AppController->beforeFilter(Object(CakeEvent))", "#1 \/usr\/share\/zoneminder\/www\/api\/lib\/Cake\/Event\/CakeEventManager.php(243): call_user_func(Array, Object(CakeEvent))", "#2 \/usr\/share\/zoneminder\/www\/api\/lib\/Cake\/Controller\/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))", "#3 \/usr\/share\/zoneminder\/www\/api\/lib\/Cake\/Routing\/Dispatcher.php(189): Controller->startupProcess()", "#4 \/usr\/share\/zoneminder\/www\/api\/lib\/Cake\/Routing\/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))", "#5 \/usr\/share\/zoneminder\/www\/api\/app\/webroot\/index.php(108): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))", "#6 {main}" ] }, "queryLog": { "default": { "log": [ { "query": "SELECT `Config`.`Id`, `Config`.`Name`, `Config`.`Value`, `Config`.`Type`, `Config`.`DefaultValue`, `Config`.`Hint`, `Config`.`Pattern`, `Config`.`Format`, `Config`.`Prompt`, `Config`.`Help`, `Config`.`Category`, `Config`.`Readonly`, `Config`.`Requires` FROM `zm`.`Config` AS `Config` WHERE `Config`.`Name` = 'ZM_OPT_USE_API' LIMIT 1", "params": [ ], "affected": 1, "numRows": 1, "took": 0 }, { "query": "SELECT `Config`.`Id`, `Config`.`Name`, `Config`.`Value`, `Config`.`Type`, `Config`.`DefaultValue`, `Config`.`Hint`, `Config`.`Pattern`, `Config`.`Format`, `Config`.`Prompt`, `Config`.`Help`, `Config`.`Category`, `Config`.`Readonly`, `Config`.`Requires` FROM `zm`.`Config` AS `Config` WHERE `Config`.`Name` = 'ZM_OPT_USE_AUTH' LIMIT 1", "params": [ ], "affected": 1, "numRows": 1, "took": 0 }, { "query": "SELECT `Config`.`Id`, `Config`.`Name`, `Config`.`Value`, `Config`.`Type`, `Config`.`DefaultValue`, `Config`.`Hint`, `Config`.`Pattern`, `Config`.`Format`, `Config`.`Prompt`, `Config`.`Help`, `Config`.`Category`, `Config`.`Readonly`, `Config`.`Requires` FROM `zm`.`Config` AS `Config` WHERE `Config`.`Name` = 'ZM_OPT_USE_API' LIMIT 1", "params": [ ], "affected": 1, "numRows": 1, "took": 0 }, { "query": "SELECT `Config`.`Id`, `Config`.`Name`, `Config`.`Value`, `Config`.`Type`, `Config`.`DefaultValue`, `Config`.`Hint`, `Config`.`Pattern`, `Config`.`Format`, `Config`.`Prompt`, `Config`.`Help`, `Config`.`Category`, `Config`.`Readonly`, `Config`.`Requires` FROM `zm`.`Config` AS `Config` WHERE `Config`.`Name` = 'ZM_OPT_USE_AUTH' LIMIT 1", "params": [ ], "affected": 1, "numRows": 1, "took": 0 } ], "count": 4, "time": 0 } } } }
I tried capturing my cookies.txt and curling with those but that also does not work, displays the same 'Not Authenticated' message as above. I have Apache 2.4, here are my ZM specific configs:

Code: Select all

ScriptAlias /zm/cgi-bin "/usr/lib/zoneminder/cgi-bin"
<Directory "/usr/lib/zoneminder/cgi-bin">
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    AllowOverride All
    Require all granted
</Directory>

Alias /zm /usr/share/zoneminder/www
<Directory /usr/share/zoneminder/www>
  php_flag register_globals off
  Options -Indexes +FollowSymLinks
  <IfModule mod_dir.c>
    DirectoryIndex index.php
  </IfModule>
</Directory>

<Directory /usr/share/zoneminder/www/api>
    AllowOverride All
</Directory>
Normal ZM webpage operation is fine, I'm using https/cert from letsencrypt, its just the APIs which aren't working with OPT_USE_AUTH enabled. Been searching around and can't find a solution to my particular problem. Apache error logs don't display anything when hitting the api. Thanks in advance.

rockedge
Posts: 901
Joined: Fri Apr 04, 2014 1:46 pm
Location: Connecticut,USA
Contact:

Re: API+Authentication not working

Post by rockedge » Sun Mar 05, 2017 1:25 am

have you looked at this? from the manual : http://zoneminder.readthedocs.io/en/latest/api.html

The APIs tie into ZoneMinder’s existing security model. This means if you have OPT_AUTH enabled, you need to log into ZoneMinder using the same browser you plan to use the APIs from. If you are developing an app that relies on the API, you need to do a POST login from the app into ZoneMinder before you can access the API.

Then, you need to re-use the authentication information of the login (returned as cookie states) with subsequent APIs for the authentication information to flow through to the APIs.

This means if you plan to use cuRL to experiment with these APIs, you first need to do

Code: Select all

curl -d "username=XXXX&password=YYYY&action=login&view=console" -c cookies.txt  http://yourzmip/zm/index.php
replacing XXXX and YYYY with your username and password, respectively.

Please make sure you do this in a directory where you have write permissions, otherwise cookies.txt will not be created and the command will silently fail.

What the “-c cookies.txt” does is store a cookie state reflecting that you have logged into ZM. You now need to apply that cookie state to all subsequent APIs. You do that by using a ‘-b cookies.txt’ to subsequent APIs if you are using CuRL like so:

Code: Select all

curl -b cookies.txt http://yourzmip/zm/api/monitors.json
This would return a list of monitors and pass on the authentication information to the ZM API layer.

So remember, if you are using authentication, please add a -b cookies.txt to each of the commands below if you are using CuRL. If you are not using CuRL and writing your own app, you need to make sure you pass on cookies to subsequent requests in your app.
Examples (please read security notice above)

You will see each URL ending in either .xml or .json. This is the format of the request, and it determines the format that any data returned to you will be in. I like json, however you can use xml if you’d like.

(In all examples, replace ‘server’ with IP or hostname & port where ZoneMinder is running)

clueo8
Posts: 5
Joined: Tue Mar 10, 2015 10:47 am

Re: API+Authentication not working

Post by clueo8 » Sat Mar 11, 2017 5:15 pm

Yes, I have read and understand that. I tried saving the cookies and using curl and that does not work with the API. I've also tried logging in then going to API in same browser session and that fails to work. What I really am trying to use is zmNinja but my APIs are not working and I know it's because of this error. I think possibly somewhere else in my apache config could be interfearing.

bbunge
Posts: 2153
Joined: Mon Mar 26, 2012 11:40 am
Location: Pennsylvania

Re: API+Authentication not working

Post by bbunge » Sun Mar 12, 2017 12:00 am

I do not remember having issues with the API's in Ubuntu 14.04. Ubuntu 16.04 had some permissions issues that were fixed by: chown -R www-data:www-data /usr/share/zoneminder/



14.04 Ubuntu install procedure: https://wiki.zoneminder.com/Ubuntu_Serv ... e_easy_way

User avatar
asker
Posts: 941
Joined: Sun Mar 01, 2015 12:12 pm

Re: API+Authentication not working

Post by asker » Thu Mar 16, 2017 7:33 pm

@clueo8 - please see https://github.com/ZoneMinder/ZoneMinder/issues/1813
Please participate with data requested (and see workaround - not a full fix)
--
My collection of ZoneMinder learnings:
https://wiki.zoneminder.com/Various_ZM_thoughts

detxm80
Posts: 8
Joined: Fri Oct 13, 2017 9:42 am

Re: API+Authentication not working

Post by detxm80 » Wed Oct 10, 2018 3:46 pm

Hi, i've 1.32.1 and i've api problem:

Code: Select all

	
success	false
data	
name	"Not Authenticated"
message	"Not Authenticated"
url	"/zm/api/host/getVersion.json"
exception	
class	"UnauthorizedException"
code	401
message	"Not Authenticated"
trace	
0	"#0 /usr/share/zoneminder/www/api/lib/Cake/Event/CakeEventManager.php(243): AppController->beforeFilter(Object(CakeEvent))"
1	"#1 /usr/share/zoneminder/www/api/lib/Cake/Controller/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))"
2	"#2 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()"
3	"#3 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))"
4	"#4 /usr/share/zoneminder/www/api/app/webroot/index.php(107): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))"
5	"#5 {main}"
queryLog	[]
can you help me?

it's seems to not create a problem, but i want to resolve it
tnx

edit: i i use my domains ex domains.zoneminder.com/zm/api/host/getVersion.json it's all ok, if i use local ip ex http://xxx.xxx.x.x/zm/api/host/getVersion.json i'm get api error

bbunge
Posts: 2153
Joined: Mon Mar 26, 2012 11:40 am
Location: Pennsylvania

Re: API+Authentication not working

Post by bbunge » Sun Oct 14, 2018 6:01 pm

detxm80 wrote:
Wed Oct 10, 2018 3:46 pm
Hi, i've 1.32.1 and i've api problem:

Code: Select all

	
success	false
data	
name	"Not Authenticated"
message	"Not Authenticated"
url	"/zm/api/host/getVersion.json"
exception	
class	"UnauthorizedException"
code	401
message	"Not Authenticated"
trace	
0	"#0 /usr/share/zoneminder/www/api/lib/Cake/Event/CakeEventManager.php(243): AppController->beforeFilter(Object(CakeEvent))"
1	"#1 /usr/share/zoneminder/www/api/lib/Cake/Controller/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))"
2	"#2 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()"
3	"#3 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))"
4	"#4 /usr/share/zoneminder/www/api/app/webroot/index.php(107): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))"
5	"#5 {main}"
queryLog	[]
can you help me?

it's seems to not create a problem, but i want to resolve it
tnx

edit: i i use my domains ex domains.zoneminder.com/zm/api/host/getVersion.json it's all ok, if i use local ip ex http://xxx.xxx.x.x/zm/api/host/getVersion.json i'm get api error
Linux distro and version?

Did you by chance upgrade from Ubuntu 16.04 to 18.04? If you did make sure PHP 7.0 is removed and 7.2 is configured for Zoneminder.

detxm80
Posts: 8
Joined: Fri Oct 13, 2017 9:42 am

Re: API+Authentication not working

Post by detxm80 » Sun Oct 14, 2018 9:55 pm

bbunge wrote:
Sun Oct 14, 2018 6:01 pm
detxm80 wrote:
Wed Oct 10, 2018 3:46 pm
Hi, i've 1.32.1 and i've api problem:

Code: Select all

	
success	false
data	
name	"Not Authenticated"
message	"Not Authenticated"
url	"/zm/api/host/getVersion.json"
exception	
class	"UnauthorizedException"
code	401
message	"Not Authenticated"
trace	
0	"#0 /usr/share/zoneminder/www/api/lib/Cake/Event/CakeEventManager.php(243): AppController->beforeFilter(Object(CakeEvent))"
1	"#1 /usr/share/zoneminder/www/api/lib/Cake/Controller/Controller.php(677): CakeEventManager->dispatch(Object(CakeEvent))"
2	"#2 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(189): Controller->startupProcess()"
3	"#3 /usr/share/zoneminder/www/api/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke(Object(HostController), Object(CakeRequest))"
4	"#4 /usr/share/zoneminder/www/api/app/webroot/index.php(107): Dispatcher->dispatch(Object(CakeRequest), Object(CakeResponse))"
5	"#5 {main}"
queryLog	[]
can you help me?

it's seems to not create a problem, but i want to resolve it
tnx

edit: i i use my domains ex domains.zoneminder.com/zm/api/host/getVersion.json it's all ok, if i use local ip ex http://xxx.xxx.x.x/zm/api/host/getVersion.json i'm get api error
Linux distro and version?

Did you by chance upgrade from Ubuntu 16.04 to 18.04? If you did make sure PHP 7.0 is removed and 7.2 is configured for Zoneminder.
Hi, ubuntu 18.04 clean install and php 7.2, only with local io i’ve problem not by my domain name

Post Reply

Who is online

Users browsing this forum: No registered users and 5 guests