The username and password that works with browser login is not working with RT login Api from Postman

Akhil_Siby · October 10, 2021, 6:04am

I got a login issue while logging in to RT from the postman. When I tried to log in it showing the error “Your username or password is incorrect”, but I could log in from the browser using the same password and username. Can someone please help me to solve this issue? I am adding the request which I send from the postman

request : https://rt.reflectionsinfo.com/?user=chatbot.user&pass=Ch123$btu%23$
whether this issue has something to do with special characters in the password string?
Can someone please help?

knation · October 10, 2021, 12:07pm

What happens if You quote the password?

knation · October 10, 2021, 2:33pm

Actually I think you need to do a POST request not a GET

Akhil_Siby · October 10, 2021, 3:42pm

still, it’s not login. I tried with another user credentials where the password is having only one special character “@” and the login is working. But for the above user credential login is failed

Akhil_Siby · October 10, 2021, 3:43pm

Yes I did a POST request

knation · October 10, 2021, 4:45pm

If you set the password to something else for that user does it work? You can try with and without special characters

Akhil_Siby · October 11, 2021, 12:19pm

I tried from POSTMAN and python script with encoding the URL but getting the error “Not logged in”.
I am adding the URLs after and before encoding below. Also putting the response here. Is this URL encoding is correct? Otherwise can you please help me to do this
before encoding
url = https://rt.reflectionsinfo.com/?user=akhilsiby&pass=Ch123$btu%23#

After encoding
url = https://rt.reflectionsinfo.com/%3Fuser%3Dakhilsiby%26pass%3DCh123%24btu%2523%23

response

<title>Login</title>

<meta http-equiv="X-UA-Compatible" content="IE=edge" />

<!-- The X-UA-Compatible <meta> tag above must be very early in <head> -->

<script>

    window.RT = {};

RT.CurrentUser = {};

RT.Config = {“MessageBoxUseSystemContextMenu”:0,“WebPath”:“”,“MessageBoxRichTextHeight”:200,“rtname”:“rt.reflectionsinfo.com”,“MessageBoxRichText”:1,“MaxAttachmentSize”:10000000};

RT.I18N = {};

RT.I18N.Catalog = {“loading”:“Loading…”,“remove”:“Remove”,“attachment_warning_regex”:“\b(re)?attach”,“history_scroll_error”:“Could not load ticket history. Reason:”,“quote_in_filename”:“Filenames with double quotes can not be uploaded.”,“check”:“Check”,“shortcut_help_error”:“Unable to open shortcut help. Reason:”,“error”:“Error”,“try_again”:“Try again”};

</script>

<link rel="stylesheet" href="/NoAuth/css/rudder/squished-d224c3f4d87a334bed790918e731fb93.css" type="text/css"

    media="all" />

<link rel="shortcut icon" href="/static/images/favicon.png" type="image/png" />

<!--[if lt IE 8]>

<![endif]–>

<!-- Site CSS from theme editor -->

<style type="text/css" media="all" id="sitecss">

    /* Page */

    body {

        background: rgb(150, 200, 100)

    }

    div#body {

        background: #efefef;

        color: #000

    }

    /* Menu bar */

    div#quickbar {

        background: #efefef;

        color: #000;

        border: none;

    }

    #main-navigation #app-nav.sf-shadow>li,

    #main-navigation #app-nav.sf-shadow>li>a,

    #prefs-menu>li,

    #prefs-menu>li>a,

    #logo .rtname {

        color: #000

    }

    /* Title bar */

    div#header {

        background: rgb(156, 206, 100);

        color: rgb(0, 0, 0)

    }

    /* Page title */

    div#header h1 {

        color: rgb(68, 86, 92)

    }

    /* Page content */

    div#body {}

    /* Buttons */

    input[type="reset"],

    input[type="submit"],

    input[class="button"] {}

    /* Button hover */

    input[type="reset"]:hover,

    input[type="submit"]:hover,

    input[class="button"]:hover {}

    #bpscredits {

        display: none

    }

</style>

<script type="text/javascript" src="/NoAuth/js/squished-8fc547a59ef3d7e8792af18a242ba6f9.js"></script>

<script type="text/javascript">

    <!--

    jQuery( loadTitleBoxStates );

jQuery(function () { jQuery('\x23user').focus() });

    -->

</script>

<script>

    if (window.top !== window.self) {

document.write = "";

window.top.location = window.self.location;

setTimeout(function(){

    document.body.innerHTML = "";

}, 1);

window.self.onload = function(){

    document.body.innerHTML = "";

};

}

</script>

<div id="logo">

    <a href="http://bestpractical.com"><img

src="/NoAuth/Helpers/CustomLogo/a45176bc3903edc68fed98c96aded594"

alt="Request Tracker logo" /></a>

        <span class="rtname">RT for rt.reflectionsinfo.com</span>

</div>

<div id="quickbar">

    <div id="quick-personal">

        <span class="hide"><a href="#skipnav">Skip Menu</a> | </span>

        <span id="not-logged-in">Not logged in.</span>

    </div>

</div>

<div id="header">

    <h1>Login</h1>

</div>

<div id="body" class="login-body">

    <div id="login-box">

        <div class="">

            <div class="titlebox" id="">

                <div class="titlebox-title">

                    <span class="left">Login</span>

                    <span class="right">                4.4.4    </span>

                </div>

                <div class="titlebox-content " id="TitleBox--_NoAuth_Login_html------TG9naW4_---0">

                    <form id="login" name="login" method="post" action="/NoAuth/Login.html">

                        <div class="input-row">

                            <span class="label">Username:</span>

                            <span class="input"><input name="user" value="" id="user" /></span>

                        </div>

                        <div class="input-row">

                            <span class="label">Password:</span>

                            <span class="input"><input type="password" name="pass" /></span>

                        </div>

                        <input type="hidden" name="next" value="74b34fbad5e9062a46772f444841e601" />

                        <script type="text/javascript">

                            jQuery(function(){

if (window.location.hash) {

    var form = jQuery("form[name=login]");

    form.attr('action', form.attr('action') + '#' + window.location.hash.replace(/^#/, ''));

}

});

                        </script>

                        <div class="button-row">

                            <span class="input"><input type="submit" class="button" value="Login" /></span>

                        </div>

                    </form>

                    <hr class="clear" />

                </div>

            </div>

        </div>

        <div class="login-help">

            For local help, please contact smg@reflectionsinfos.com

        </div>

    </div><!-- #login-box -->

</div><!-- #login-body -->

<hr class="clear" />

</div>

<div id="footer" title="Best Practical Solutions, LLC, copyright and logo">

    <p id="time"><span>Time to display: 0.012744</span></p>

    <p id="bpscredits"><span>&#187;&#124;&#171; RT 4.4.4 Copyright 1996-2019 <a href="http://www.bestpractical.com?rt=4.4.4">Best Practical Solutions, LLC</a>.

    <p id="legal">Distributed under <a href="http://www.gnu.org/licenses/gpl-2.0.html">version 2 of the GNU

            GPL</a>.<br />To inquire about support, training, custom development or licensing, please contact <a

            href="mailto:sales@bestpractical.com">sales@bestpractical.com</a>.<br /></p>

</div>

knation · October 11, 2021, 12:38pm

Are you trying to crawl through RT, is there a reason not to use the REST API?

Ganeshkumar · October 11, 2021, 3:05pm

Hi Knation,
I’am also working with Akhil on this. Seeing your suggestion I tried to execute the below sample code at REST - Request Tracker Wiki. But response.read() gives the following output
“b"RT/4.4.4 200 Ok\n\n# Invalid object specification: ‘’\n\nid: \n\n”"

Can you please help figure out what I’am doing wrong?
import http.cookiejar
import urllib
import urllib.request as urllib2

cookielib = http.cookiejar
# creates a cookie for the rtserver with the credentials given at initialization.
# define your credentials here
access_user = 'xxxx'
access_password = 'xxxxx'

# here is the RequestTracker URI we try to access
uri = 'https://rt.reflectionsinfo.com/REST/1.0/'

# trying login on rt server
cj = cookielib.LWPCookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
urllib2.install_opener(opener)
data = {'user': access_user, 'pass': access_password}
ldata = urllib.parse.urlencode(data)
bytes_ldata = bytearray()
bytes_ldata.extend(map(ord, ldata))
login = urllib2.Request(uri, bytes_ldata)
try:
    response = urllib2.urlopen(login)
    print(response.read())
    print("login successful")
except Exception as ex:
    # could not connect to server
    print("Not able to login")

Regards,
Ganesh

knation · October 11, 2021, 4:49pm

I haven’t used python and their libs to interact with RT, if Postmans conversions are to believed it seems this method works with REST2 and searching tickets:

https://docs.bestpractical.com/rt/5.0.2/RT/REST2.html#Ticket-Examples

import requests

url = "http://myRT/REST/2.0/tickets?query=Queue='General'"

payload={}
headers = {
  'Authorization': 'Basic cm9vdDpwYXNzd29yZA=='
}

response = requests.request("GET", url, headers=headers, data=payload)

print(response.text)

knation · October 11, 2021, 5:05pm

Python3 example:

import rt

tracker = rt.Rt('http://MyRT/REST/1.0/', 'root', 'password')
tracker.login()

Ganeshkumar · October 12, 2021, 12:35pm

Thanks knation for pointing us to the python3 example using rt library… We used it and it is working fine… Thanks for your valuable input

Regards,
Ganesh