There is issue with connecting android app to latest OH3 M2 server.
When I try connect app show error:
Authentication failed. Please check configured username and password respectively the provided SSL client certificate(HTTP code 401)
So app somehow do not send compatible username and password to server. Probably best option will be to add Authentication Token instead of username and passwordâŠ
I see that openhab server is sace sensitive in username field and correct capitals in username has fix that issue.
But there is still isue with remote server which connecting to OpenHAB Cloud server.
App can normaly register to âFirebase Cloud Messagigngâ but looks like it canât access to sitemaps and produce error when access âhttps://SERVER/rest/sitemapsâ and crash with error âorg.openhab.habdroid.util.HttpClient$HttpException: OKâ
Log from server:
2020-11-06 06:24:56.028 [DEBUG] [io.openhabcloud.internal.CloudClient] - on(): request
2020-11-06 06:24:56.029 [DEBUG] [io.openhabcloud.internal.CloudClient] - Got request 266
2020-11-06 06:24:56.029 [DEBUG] [io.openhabcloud.internal.CloudClient] - {âhostâ:âSERVERâ,âcache-controlâ:âno-cacheâ,âaccept-encodingâ:âgzipâ,âuser-agentâ:âopenhab-cloud/0.0.1â}
2020-11-06 06:24:56.030 [DEBUG] [io.openhabcloud.internal.CloudClient] - Request method is GET
2020-11-06 06:24:56.030 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty set header host = SERVER
2020-11-06 06:24:56.030 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty set header cache-control = no-cache
2020-11-06 06:24:56.030 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty set header accept-encoding = gzip
2020-11-06 06:24:56.030 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty set header user-agent = openhab-cloud/0.0.1
2020-11-06 06:24:56.050 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty finished receiving response header
2020-11-06 06:24:56.051 [DEBUG] [io.openhabcloud.internal.CloudClient] - Sent headers to request 266
2020-11-06 06:24:56.052 [DEBUG] [io.openhabcloud.internal.CloudClient] - {âheadersâ:{âTransfer-Encodingâ:âchunkedâ,âServerâ:âJetty(9.4.20.v20190813)â,âDateâ:âFri, 06 Nov 2020 06:24:56 GMTâ,âContent-Typeâ:âapplication/jsonâ},âresponseStatusCodeâ:200,âresponseStatusTextâ:âOKâ,âidâ:266}
2020-11-06 06:24:56.053 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty received response content of size 2120
2020-11-06 06:24:56.054 [DEBUG] [io.openhabcloud.internal.CloudClient] - Sent content to request 266
2020-11-06 06:24:56.056 [DEBUG] [io.openhabcloud.internal.CloudClient] - Finished responding to request 266
2020-11-06 06:24:56.483 [DEBUG] [io.openhabcloud.internal.CloudClient] - on(): request
2020-11-06 06:24:56.483 [DEBUG] [io.openhabcloud.internal.CloudClient] - Got request 267
2020-11-06 06:24:56.484 [DEBUG] [io.openhabcloud.internal.CloudClient] - {âhostâ:âSERVERâ,âcache-controlâ:âno-cacheâ,âaccept-encodingâ:âgzipâ,âuser-agentâ:âopenhab-cloud/0.0.1â}
2020-11-06 06:24:56.484 [DEBUG] [io.openhabcloud.internal.CloudClient] - Request method is GET
2020-11-06 06:24:56.484 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty set header host = SERVER
2020-11-06 06:24:56.484 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty set header cache-control = no-cache
2020-11-06 06:24:56.484 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty set header accept-encoding = gzip
2020-11-06 06:24:56.484 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty set header user-agent = openhab-cloud/0.0.1
2020-11-06 06:24:56.488 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty finished receiving response header
2020-11-06 06:24:56.489 [DEBUG] [io.openhabcloud.internal.CloudClient] - Sent headers to request 267
2020-11-06 06:24:56.490 [DEBUG] [io.openhabcloud.internal.CloudClient] - {âheadersâ:{âTransfer-Encodingâ:âchunkedâ,âServerâ:âJetty(9.4.20.v20190813)â,âDateâ:âFri, 06 Nov 2020 06:24:56 GMTâ,âContent-Typeâ:âapplication/jsonâ},âresponseStatusCodeâ:401,âresponseStatusTextâ:âOKâ,âidâ:267}
2020-11-06 06:24:56.490 [DEBUG] [io.openhabcloud.internal.CloudClient] - Jetty received response content of size 63
2020-11-06 06:24:56.491 [DEBUG] [io.openhabcloud.internal.CloudClient] - Sent content to request 267
2020-11-06 06:24:56.492 [WARN ] [io.openhabcloud.internal.CloudClient] - Jetty request 267 failed: HTTP protocol violation: Authentication challenge without WWW-Authenticate header
2020-11-06 06:24:56.492 [WARN ] [io.openhabcloud.internal.CloudClient] - Response Failure: HTTP protocol violation: Authentication challenge without WWW-Authenticate header
2020-11-06 06:24:56.494 [DEBUG] [io.openhabcloud.internal.CloudClient] - Finished responding to request 267
Looks like is related to Cloud server can please thread be moved into right forum?
After more researching it looks like openHAB Cloud addon canât access to API or do not receive correct authentication data in request.
Is possible that special characters in password like @ can produce problems when nginx and node process requests?
I will try today but I think that it is not issue and they are think about that⊠Probably openHAB Cloud addon do not or do not support authentication to API on same openHAB server and think that if run on it it can access to itâŠ
If @ is problem thatn also probably will be problem with username which must on openhabCloud contain @ âŠ
For example:
I see that if I enable in API âImplicit user role for unauthenticated requestsâ that access over cloud work. But my server in that case is not secured and everyone can without login access over API to items/sites and that is not option.
Is source code for cloud connect addon availible(That I check how it acces to API)?
Is there plan to add new security login to API with tokens(Probably new option in cloud addon to enter token?
Thats pretty much everything. What you will notice that it is a connection to openhab cloud which forwards some calls from public instance to yours without doing anything except basic credentials check.
Reason why it doesnt work for you is rather trivial and caused by cloud connector architecture. Openhab cloud rely on basic auth so you need to have the same credentials in both places (oh & oh cloud) to let it work.
If you have a missmatch and send OH credentials to openhabcloud it will mark request as unauthenticated and abstain from forwarding it.
Thanks for reply. I will check sources.
I have same username and password on both sides. On openHABCloud server account have master permissions and on OpenHAB server it have administrator permissions. Only issue which can be is that I use special characters in password and @ character at end of password. That I will try later today and if that is problem report that as bug otherwise there is some other issue beetween cloud and openhab serverâŠ
Im change password on openhab server and cloud server to one without @ in it and same thing happen so that special character in password is not issueâŠ
All right, in such case it looks more like a case where openhab-cloud removes authorization header and pass request without it. When OH receives it locally it refuses it.
Because Android app do not support API Token authentication it do not connect localy. To use also local connetion in API settings âAllow Basic Authenticationâ must be enabled. Then it work like this:
Local connection use basic authentication which is supported by android app
Remote connection use basic authentication to connect to Cloud server but then addon localy use API key to authenticate to openhab server.
That way you can have disabled âImplicit user role for unauthenticated requestsâ and prevent everyone in your local network to control your openhab serverâŠ
Now I need fix implementation of sendNotification() functions to get it work on OH3 and then if someone is interested to try/test it I can send jar file ⊠Im new at openhab developing so probably I will need more time to understand things and fix that
You donât have this API Token because this is custom version OpenHAB Cloud addon which Im made myself for my private OpenHAB Cloud to solve issues and overide âAllow Basic Authenticationâ issueâŠ
Iâm facing the same issue to setup local access from my app to my openhab. Iâm seeing below error:
[WARN ] [ore.io.rest.auth.internal.AuthFilter] - Unauthorized API request: Invalid Basic authentication credentials
thanks for sharing, I have added token as suggest on Android APP and also checked my âAllow Basic Authenticationâ is disable, is that true? Still not working
Maybe the issue you have and the one I had is not related to this original topic but I found enabling âallow Basic Authenticationâ and using my new OH 3.1 admin username/password in the local settings solved the problem for me. I didnât need to change anything in the remote settings. I couldnât find the API token as described in the Rest API link
Edited: I figured out how I was supposed to click on my profile name in the lower left hand corner of the openHAB Main UI to create an API token. I copy and pasted that entire text into the username of the android app and it now works even after turning âallow Basic Authenticationâ off.
