Hexagon Geospatial
MENU

ERDAS APOLLO & ECW/JP2

Wondering how others have configured their ERDAS APOLLO server or what data they are crawling? The ERDAS APOLLO Discussion board is a place to find information, share ideas and more. Join the community, connect, contribute and share.
Showing results for 
Search instead for 
Do you mean 
Reply
Frequent Contributor
Posts: 107
Registered: ‎10-16-2015
Accepted Solution

Erdas Apollo REST API returns 403 error

[ Edited ]

So the question becomes: why does Tomcat return a 403 on the OPTIONS request?

 

This is in web.xml

<!-- Begin Enable CORS -->
   <filter>
     <filter-name>CorsFilter</filter-name>
     <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
     <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>*</param-value>
     </init-param>
     <init-param>
        <param-name>cors.exposed.headers</param-name>
        <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials,Access-Control-Allow-Headers</param-value>
     </init-param>
     <init-param>
        <param-name>cors.support.credentials</param-name>
        <param-value>true</param-value>
     </init-param>
    </filter>
    <filter-mapping>
     <filter-name>CorsFilter</filter-name>
     <url-pattern>/*</url-pattern>
    </filter-mapping>
<!-- End Enable CORS -->
 
request:
Axios({
        method: "get",
        url: `http://apollo/erdas-apollo/content/catalog/items?profile=full&keywords=${
          context.state.form.keyword
        }&start=${context.getters.start}&maxresults=${RESULTS_PER_PAGE}`,
        auth: {
          username: "xxxx",
          password: "xxxx"
        },
        headers: {
          "Content-Type": "application/json",
          Accept: "*/*"
        }
      })
 
This is wat the network tab in Chrome tells us:

General

Request URL:                                   http://apollo/erdas-apollo/content/catalog/items?profile=full&keywords=&start=0&maxresults=20

Request Method:                            OPTIONS

Status Code:                                     403 403

Remote Address:                            192.168.2.10:80

Referrer Policy:                               no-referrer-when-downgrade

 

Response Headers

Access-Control-Allow-Headers: Cache-control, content-type, authorization

Access-Control-Allow-Methods:                GET, POST, PUT, DELETE, OPTIONS

Access-Control-Allow-Origin:       *

Content-Length:                              0

Content-Type:                                 text/plain

Date:                                                  Thu, 06 Jun 2019 12:05:22 GMT

Server:                                               Microsoft-IIS/10.0

X-Powered-By:                                ASP.NET

 

Request Headers

Provisional headers are shown

Access-Control-Request-Headers:             authorization

Access-Control-Request-Method:             GET

Origin:                                                              http://demo

Referer:                                                            http://demo/

User-Agent:                                                     Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

 

Query String Parameters view source view URL encoded

profile:                 full

keywords:

start:                    0

maxresults:         20

 

 
 
 
 
Frequent Contributor
Posts: 107
Registered: ‎10-16-2015

Documentation on authorization for Erdas Apollo REST api

Hi,

 

We've been trying to figure out how to do authenticated requests to Apollo, but we cannot find documentation on how to do it.

When I look at the API tool, it seems that we should add a header 'Authorization: Basic <string>', but whenever we try that we get a 403 response

Technical Evangelist
Posts: 1,118
Registered: ‎09-11-2015

Re: Documentation on authorization for Erdas Apollo REST api

Hi haayman,

 

I've now tried with the default Apollo authentication and admin credentials and it seemingly works fine for me:

GET http://192.168.56.103/erdas-apollo/content/catalog/items

Host: 192.168.56.103
Content-Type: application/json
Authorization: Basic YWRtaW46YXBvbGxvMTIz
Content-Length: 512

Response (partial):

HTTP/1.1 200 200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
Server: Microsoft-IIS/10.0
Server: Restlet-Framework/2.3.5
Set-Cookie: JSESSIONID=64218CC61189A348418F6F34285C9D08; Path=/erdas-apollo; HttpOnly
X-Powered-By: ASP.NET
Date: Thu, 06 Jun 2019 10:49:53 GMT
Content-Length: 5705

{
  "_encodingVersion": "2.0",
  "_encodingTime": 16,
  "context":   {
    "totalAvailableResults": 132,
    "queryParameters": {},
    "maxResults": 10,
    "startIdx": 0,
    "queryTimeMillis": 32,
    "rootPath": "http://192.168.56.103:80/erdas-apollo/content",
    "_class": "com.erdas.rsp.babel.service.rest.RestletQueryContext"
  },
  "results":   [
        {
      "identifier": "444173f0-d102-448c-bb03-1deabaf56468",
      "defaultAttachmentName": "default",
      "name": "Hexagon Geospatial",
      "description": null,
      "id": "4028b8e669b59e820169b5adcb490003",
      "_class": "com.erdas.rsp.babel.model.Organization",
      "title": null,
      "tags": []
    },
        {
      "identifier": "12d08fde-5126-4dda-add9-bc6d68bd2c39",
      "defaultAttachmentName": "default",
      "name": "Hexagon Geospatial",
      "description": null,
      "id": "4028b8e669b59e820169b5adcb490007",
      "_class": "com.erdas.rsp.babel.model.User",
      "title": null,
      "tags": []
    },
        {
      "identifier": "http://win-16e3hesc19d:80/erdas-apollo/vector/USSAMPLE?service=WFS",
      "defaultAttachmentName": "default",
      "name": "OGC:WFS",
      "description": "USSAMPLE, PostgreSQL Service setup using ERDAS APOLLO",
      "id": "4028b8e669b91e3e0169b92e60180000",
      "_class": "com.erdas.rsp.babel.model.ows.WebFeatureService",
      "title": "USSAMPLE, PostgreSQL Service",
      "parentId": null,
      "tags":       [
        "Web Feature Service",
        "Intergraph",
        "Hexagon",
        "Geospatial",
        "ERDAS",
        "APOLLO",
        "USSAMPLE",
        "PostgreSQL"
      ]

 

Jan Neumann
Post Sales Engineer Web Applications
Hexagon Geospatial

Frequent Contributor
Posts: 107
Registered: ‎10-16-2015

Re: Documentation on authorization for Erdas Apollo REST api

I've tried it using postman and indeed that works. The extra complication seems to be that I'm using crossdomain calls, so CORS steps in.

I've added several Access-Control-Allow- headers in IIS, but  we see a 403 response coming from the first OPTIONS call testing the authorization header.

 

Do you know where we should configure the Access-Control headers? In IIS and/or Tomcat?

Technical Evangelist
Posts: 1,118
Registered: ‎09-11-2015

Re: Documentation on authorization for Erdas Apollo REST api

[ Edited ]

My best bet is in Tomcat and do it through Configuration Wizard (Enable CORS, docs). It should be propagated into

C:\Program Files\Hexagon\ERDAS APOLLO\tomcat\webapps\erdas-apollo\WEB-INF\web.xml

 

 

Jan Neumann
Post Sales Engineer Web Applications
Hexagon Geospatial

Technical Evangelist
Posts: 1,118
Registered: ‎09-11-2015

Re: Documentation on authorization for Erdas Apollo REST api

I'm trying the OPTIONS through Fiddler and it seems to work fine too (although my experiences with RESTful end there). It may be something in the middle throwing 403...

OPTIONS http://192.168.56.103/erdas-apollo HTTP/1.1
Host: 192.168.56.103
Content-Type: application/json
Content-Length: 0

Response:

HTTP/1.1 200 OK
Allow: OPTIONS, TRACE, GET, HEAD, POST
Server: Microsoft-IIS/10.0
Public: OPTIONS, TRACE, GET, HEAD, POST
X-Powered-By: ASP.NET
Date: Thu, 06 Jun 2019 12:29:26 GMT
Content-Length: 0

I will also move this topic to APOLLO discussion, perhaps you could get more insights there.

Jan Neumann
Post Sales Engineer Web Applications
Hexagon Geospatial

Frequent Contributor
Posts: 107
Registered: ‎10-16-2015

Re: Documentation on authorization for Erdas Apollo REST api

fixed it:

 

I've added 

<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization</param-value>
</init-param>
 
to the web.xml
 
I believe this should be default?
Highlighted
Technical Evangelist
Posts: 1,118
Registered: ‎09-11-2015

Re: Documentation on authorization for Erdas Apollo REST api

I've found a bug report that is most likely related to your problem "APOLLO should allow anonymous HTTP OPTIONS requests for CORS support" and it was fixed in 16.5 release and could be worked-around by adjusting CORS settings in web.xml, just as you did. So this is now default.

Jan Neumann
Post Sales Engineer Web Applications
Hexagon Geospatial

Frequent Contributor
Posts: 107
Registered: ‎10-16-2015

Re: Documentation on authorization for Erdas Apollo REST api

Now I want to add 'PATCH' to the Access-Control-Allow-Methods, but somehow this is ignored??

 

I've got this in tomcat\webapps\erdas-apollo\WEB-INF\web.xml (see below), but when I make a request I don't see 'PATCH' in the  Access-Control-Allow-Methods:

 
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
 
Is there still some other configuration that interferes?

  

<!-- Begin Enable CORS -->
 <filter>
   <filter-name>CorsFilter</filter-name>
   <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
   <init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>*</param-value>
   </init-param>
     <init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT,PATCH</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization</param-value>
</init-param>
   <init-param>
    <param-name>cors.exposed.headers</param-name>
    <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials,Access-Control-Allow-Headers</param-value>
   </init-param>
   <init-param>
    <param-name>cors.support.credentials</param-name>
    <param-value>true</param-value>
   </init-param>
  </filter>
  <filter-mapping>
   <filter-name>CorsFilter</filter-name>
   <url-pattern>/*</url-pattern>
  </filter-mapping>
<!-- End Enable CORS -->
 
Technical Evangelist
Posts: 1,118
Registered: ‎09-11-2015

Re: Documentation on authorization for Erdas Apollo REST api

Which endpoint are you using for the OPTIONS request? Can you see the PATCH listed if querying the 'items' endpoint?

Jan Neumann
Post Sales Engineer Web Applications
Hexagon Geospatial

Do you need immediate support?
If you encounter a critical issue and need immediate assistance please submit a Service Request through our Support Portal.