Unable to publish to viewer

[pdussart]

I'm on Ubuntu Linux with a multi-user installation based on https://github.com/johnpwhite/Essential ... M_LinuxCLI
(here's my install-log: https://www.notion.so/april10/Essential ... 4e2264aa0f )

Form-based security is enabled for the web apps. Logging on to the web Knowledge Portal works.


However, publishing from the Protégé client (installed on the server, accessed using VNC) to one of the viewer instances (https://<my-server>/essential-dev, in this case) always results in the following error after a while:

Code: Select all

Failed to send snapshot to the Report Service : 
Access forbidden. Your user name and password were correct but you do not have access to publish to this URL

Btw: I always receive the message that name+pwd were correct, regardless of what I type into the input-fields, even nonsense


I'm not sure where to configure the user to fix this. My best guess is in tomcat-users.xml as described here https://www.enterprise-architecture.org ... viewer_os/
I created a user publisher with the role report_publish.

Any thoughts or help are appreciated

thx
pascal

[neil.walsh]

We're not really familiar with those scripts but I've just taken a quick look through them.

Are you perhaps trying to publish to HTTPS instead of HTTP? This can definitely cause issues.

To publish via HTTPS the Protege client will need to have access to the same SSL certificate used by Viewer in Tomcat. You would probably need to add this to Java Keystore or ensure both apps (client and server) are on the same server using the same JVM.

It's worth looking in the Viewer logs (catalina.out and essential_viewer.log) and the Protege logs for any additional errors.

[pdussart]

We managed to publish from the Protege-client, but only with security turned off.

Tried both basic and forms-based authentication based on https://enterprise-architecture.org/doc ... viewer_os/

Log on to the web-viewer works, but publishing not

10.30.32.147 - - [01/Mar/2021:20:12:17 +0100] "GET /essential/reportService HTTP/1.1" 200 3607
10.30.32.147 - - [01/Mar/2021:20:12:17 +0100] "GET /essential/reportService HTTP/1.1" 200 3607
10.30.32.147 - publisher [01/Mar/2021:20:12:17 +0100] "POST /essential/reportService/j_security_check HTTP/1.1" 303 -
10.30.32.147 - publisher [01/Mar/2021:20:12:17 +0100] "GET /essential/reportService HTTP/1.1" 302 -
10.30.32.147 - publisher [01/Mar/2021:20:12:17 +0100] "GET /essential/report?XML=reportXML.xml&XSL=platform/badurl.xsl HTTP/1.1" 403 697

Tomcat and Protege-client are on the same machine (multi-user setup with MySQL 5.3)


Any suggestions for further debugging are appreciated

thx
pascal

[jonathan.carter]

Hi Pascal,

It's not clear from those logs why the publishing isn't working with form-based login.
There is no configuration required within Protege - the tab will work out whether to use form-based login or basic authentication.

The sequence of requests in the web server logs that you've provided show that it's working through the expected set of requests (the form-based login is complex to interact with if you are a machine!).

The Essential Viewer Tab writes some trace to the Protege console whilst it is running and these should provide more information about what is happening when you try to login. These writes are made to 'standard out', so check any terminal window that you've used to launch Protege, your system logs or the Protege logs and you should be able to see the trace of the authentication in the publishing process.

Jonathan

[xiaoqi]

Thanks for Neil's answer, in our case, we use below command to put the key into the Java keystore:

Code: Select all

keytool -importkeystore -srckeystore mykeystore.jks -srcstoretype JKS -destkeystore cacerts -deststoretype JKS

Replace "mykeystore" with your key's jks file, and execute this command in "lib\security" folder of your jre.

I'm using Windows 11. And it's working for Protege to deploy using https secured connection.

Feel free to try,
Xiaoqi