3. Prerequisites

To automate access to the CUD REST interface a tool is required that will allow authentication using the GSS Negotiate protocol with a Kerberos service principal keytab. The following tools offer this functionality and have been successfully tested to work with the CUD REST interface.

However, these tools are not the only way to access the CUD REST interface, there is no reason why programmatic solutions should not be developed if you have a requirement to.

3.1. curl

The curl tool may be used as long as it has been compiled with GSS-Negotiate and SSL support. Compiling with GSS-Negotiate support is dependent upon the availability of particular Kerberos libraries. The MacOS and linux operating systems are examples for which curl has been packaged with built-in GSS-Negotiate support, while curl built for the Windows OS may not have been.

To verify whether your version of curl has support for SSL and GSS-Negotiate, invoke curl with the '--version' option, as in the following example:
$ curl --version curl 7.21.0 (x86_64-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6 Protocols: dict file ftp ftps http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

If you see "GSS-Negotiate" and "SSL" in the third line of the output ("Features") you can use curl for this.

If the "GSS-Negotiate" (Negotiate authentication) feature is missing you can alternatively use the java-based command-line tool.

3.2. NegotiateRestClient.jar (supplied on request)

To use this tool you must have installed the prerequisite Java SE (Standard Edition) Runtim Environment (JRE). This is available as a free download from http://java.oracle.com . Alternatively an equivalent OpenJDK edition can be installed if it is available for your OS platform. The minimum required Java Runtime Environment (JRE) version is Java 7.

When the JRE is installed the tool can be invoked as follows:

$ java -jar NegotiateRestClient.jar

If a JRE is successfully installed, the output should include an error message, and a usage message

resembling the following:

usage: java -jar NegotiateRestClient.jar [options] -c,--config <arg> use specified login configuration file -D,--debug enables extra debug output, use when verbose error reporting is required -d,--data <arg> sends the specified data in a GET request to the HTTP server (required if -f/--upload-file not provided). The data will be appended to the URL with a '?' separator. -f,--upload-file <arg> streams data from a file and sends the data in a POST request to the HTTP server as part of a multipart/formdata request suitable for large files (overrides -d/--data and -f/--file-data) -G,--get DEPRECATED -h,--help display this message - all other options are ignored if this option is specified -k,--krb5-conf use specified krb5.conf file -m,--login-module DEPRECATED -o,--output-file <arg> output file. If ommitted the output will be send to the console. -u,--url <arg> the target URL

Up: Contents Previous: 2. Parameters Next: 4. Requesting Access