Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Deepak_Chauhan1
Participant

RestAPI login issue via python

Hi,

I am trying to access to login into a specific domain using python import library and getting below errors. I am not sure why i am getting syntax error 

 

-sh-4.1$ python3.6 login.py
{
"code" : "generic_err_invalid_syntax",
"message" : "Login request message processing failed"
}

Code details 

import requests
from pprint import pprint
import json
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
URL ="https://*.*.*.*/web_api/login"
headers = {"Content-Type":"application/json"}
page=requests.post(URL,headers=headers,verify=False,data={"user":"username","password":"password","domain":"NPE-DATACENTRE"})
print(page.text)

9 Replies
Maarten_Sjouw
Champion
Champion

Is NPE-DATACENTRE the name of the Domain or of the Domain Management Server?
It needs to be of the Domain itself, the name you see in the left column in the Domains list.
Regards, Maarten
0 Kudos
Deepak_Chauhan1
Participant

Yes, NPE datacenter is the name of the domain. I have tried everything and it didn't work. 

0 Kudos
Maarten_Sjouw
Champion
Champion

NPE-DATACENTRE or NPE-DATACENTER? And it is case sensitive!
Regards, Maarten
Deepak_Chauhan1
Participant

Hi Maarten,
[Expert@mdmnnp420:0]# $MDSVERUTIL AllCMAs | grep NPE
NPE_DATACENTRE_Management_Server-NN
I have tried this and IP address as well.
Interestingly, I am seeing SSL alert messages on Wireshark. Is it mandatory to have valid certs for restapi?
mgmt_cli commands are working fine locally on mgmt server
PhoneBoy
Admin
Admin

Try it with curl first just to make sure everything's working.
curl_cli -vvvv -H "Content-Type: application/json" -X POST -d '{"user":"XXXXXX","password":"YYYYYYYYY","domain":"ZZZ"}' https://a.b.c.d/web_api/login --insecure
Deepak_Chauhan1
Participant

I have got the same error. Common name and hostname/ip doesn't match

---
sh-4.1$ curl -vvvv -H "Content-Type: application/json" -X POST -d '{"user":"username","password":"password","domain":"NPE_DATACENTRE_Management_Server-NN"}' https://a.b.c.d/web_api/login --insecure
* About to connect() to ****** port 443 (#0)
* Trying *.*.*.*... connected
* Connected to ****** (*.*.*.*) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: OID.1.2.840.113549.1.9.2=An optional company name,E=Email Address,CN=192.168.1.1,L="Locality Name (eg, city)"
* start date: Jun 23 03:48:00 2018 GMT
* expire date: Jun 22 03:48:00 2028 GMT
* common name: 192.168.1.1
* issuer: OID.1.2.840.113549.1.9.2=An optional company name,E=Email Address,CN=192.168.1.1,L="Locality Name (eg, city)"
> POST /web_api/login HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: ******
> Accept: */*
> Content-Type: application/json
> Content-Length: 90
>
< HTTP/1.1 400 Bad Request
< Date: Mon, 02 Sep 2019 22:38:04 GMT
< Server: CPWS
< X-Frame-Options: SAMEORIGIN
< Content-Type: application/json
< X-UA-Compatible: IE=EmulateIE8
< X-Forwarded-Host-Port: 443
< Connection: close
< Transfer-Encoding: chunked
<
{
"code" : "generic_err_invalid_syntax",
"message" : "Login request message processing failed"
* Closing connection #0
}-sh-4.1$
0 Kudos
PhoneBoy
Admin
Admin

0 Kudos
Deepak_Chauhan1
Participant

Same issue
[Expert@abcd:0]# mgmt_cli -r true --domain MDS set api-settings accepted-api-calls-from "All IP addresses"


---------------------------------------------
Time: [10:36:56] 5/9/2019
---------------------------------------------
"Publish operation" in progress (10%)


---------------------------------------------
Time: [10:37:06] 5/9/2019
---------------------------------------------
"Publish operation" succeeded (100%)
[Expert@mdmnnp420:0]# api restart
2019-Sep-05 10:37:51 - Stopping API...
2019-Sep-05 10:37:53 - API stopped successfully.
2019-Sep-05 10:37:53 - Starting API...
. . . . . . . . .
2019-Sep-05 10:38:47 - API started successfully.

===========
> POST /web_api/login HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: mdmnnp420
> Accept: */*
> Content-Type: application/json
> Content-Length: 90
>
< HTTP/1.1 400 Bad Request
< Date: Thu, 05 Sep 2019 00:40:47 GMT
< Server: CPWS
< X-Frame-Options: SAMEORIGIN
< Content-Type: application/json
< X-UA-Compatible: IE=EmulateIE8
< X-Forwarded-Host-Port: 443
< Connection: close
< Transfer-Encoding: chunked
<
{
"code" : "generic_err_invalid_syntax",
"message" : "Login request message processing failed"
* Closing connection #0

0 Kudos
PhoneBoy
Admin
Admin

Just to make absolute certain you're passing the correct domain as part of the call, run this script to get the actual name: https://community.checkpoint.com/t5/API-CLI-Discussion-and-Samples/List-all-domain-names-bash-script...

Otherwise, I suggest getting the TAC involved.