AnsweredAssumed Answered

Missing header X-chkp-sid in login ?

Question asked by franck BOUDINET on Dec 9, 2018
Latest reply on Dec 10, 2018 by franck BOUDINET

Hi, I'm a newbie on the R80.10 API and face a basic problem: cannot login through the API.

 

I created a testapi user with super user privilege but cannot login with it through the api but can using the mgmt command after connecting to my management server (see two attached screen shots from SmartConsole with general view of the configuration & admin users)

 

Symptom:

POST https://x.y.z.w:443/web_api/1.1/login

{
"user" : "testapi",
"password" : "myPassword"
}

returns

{
"code": "generic_err_missing_required_header",
"message": "Missing header: [X-chkp-sid]"
}

My understanding is that the sid should be returned by the login request so I'm not sure why it seems to be requested by the login operation and thus do not understand what needs to be done. 

Any idea about what's going on and what I should do to get this login to work ?

 

Info about my setup (see attached screen shot for general view):

  • Version

cp-security-management> show version all

Product version Check Point Gaia R80.10 

OS build 479

OS kernel version 2.6.18-92cpx86_64

OS edition 64-bit

  • API Status

cp-security-management> api status

 

API Settings:      

---------------------

Accessibility:                      Require all granted      

Automatic Start:                    Enabled                  

 

Processes:      

 

Name      State     PID       More Information

-------------------------------------------------

API       Started   2506                

CPM       Started   17351     Check Point Security Management Server is running and ready

FWM       Started   16758               

 

Port Details:      

-------------------

JETTY Internal Port:      50276          

APACHE Gaia Port:         443            

                          Apache port retrieved from: httpd-ssl.conf 

 

 

--------------------------------------------

Overall API Status: Started

--------------------------------------------

 

API readiness test SUCCESSFUL. The server is up and ready to receive connections

 

Notes:      

------------

To collect troubleshooting data, please run 'api status -s <comment>'

 

  • Testing login with testapi user on gaia

 

ssh admin@10.11.10.50

This system is for authorized use only.

admin@10.11.10.50's password: 

Last login: Sun Dec  9 08:51:05 2018 from 192.168.201.56

cp-security-management> mgmt login user testapi     

Enter password: 

cp-security-management> mgmt show api-versions

current-version: "1.1"

supported-versions: 

- "1"

- "1.1"

 

Thanks

Outcomes