Controller (SaaS, On Premise)

cancel
Showing results for 
Search instead for 
Did you mean: 

Accessing the SAAS Rest APIs through a corporate Proxy - curl command

SOLVED
Ashley.Lewis
Maker

Accessing the SAAS Rest APIs through a corporate Proxy - curl command

Can someone assist with the command to access the Rest APIs of the SAAS controller using curl command? I want to do this through the corporate proxy

 

This is what I have so far but I am facing an Authentication 401 Unauthorized Error

curl -v --proxy http://proxyusername:password@proxyaddress:proxyport --user username@account:password https://SAASURL/controller/rest/applications

 

Is there something I am missing?

 

The username@account:password is working outside the corporate proxy.



Learn more about me in the Community Member Spotlight Q & A
Accessing the SAAS Rest APIs through a corporate Proxy - curl command
6 REPLIES 6
Ryan.Paredez
Community Manager

Re: Accessing the SAAS Rest APIs through a corporate Proxy - curl command

Hi @Ashley.Lewis,

 

I found a few existing Community posts that seem related. Please have a look and let me know if they help.

 

401 unauthorized in Rest Api and REST API access 401 error 


Thanks,
Ryan, AppDynamics Community Manager



Found something helpful? Click the Accept as Solution button to help others find answers faster.
Liked something? Click the Thumbs Up button.
Ashley.Lewis
Maker

Re: Accessing the SAAS Rest APIs through a corporate Proxy - curl command

Hi Ryan,

 

Thank you for the response. Those posts did not help actually.

 

I am already using a locally created account and I am able to successfully call the API outside the Corporate Proxy using this user.

 

The second post also points to the account being improper which is not the problem in my case as I get it to successfuly work outside the Proxy.



Learn more about me in the Community Member Spotlight Q & A
Ryan.Paredez
Community Manager

Re: Accessing the SAAS Rest APIs through a corporate Proxy - curl command

Hi @Ashley.Lewis,

 

Thanks for letting me know. Let's see if the Community can jump in and offer a solution or workaround. If I find any posts or info, I will share it here as a reply. 


Thanks,
Ryan, AppDynamics Community Manager



Found something helpful? Click the Accept as Solution button to help others find answers faster.
Liked something? Click the Thumbs Up button.
Mario.Morelli
Architect

Re: Accessing the SAAS Rest APIs through a corporate Proxy - curl command

Hi Ashley

 

When you do a curl test to the AppDynamics URL using the proxy what response do you get?

 

curl -I -x <proxy hostname>:<proxy port> --proxy-user username:password https://<appd fqdn>.saas.appdynamics.com

 

And also what proxy server are you using , nginx, squid?

 

Ciao



Learn more about me in the Community Member Spotlight Q & A
Ashley.Lewis
Maker

Re: Accessing the SAAS Rest APIs through a corporate Proxy - curl command

Hi Mario,

 

These are the outputs that I get

 

Without Proxy - Successfully returned application list

curl -vk --user internaluser@SAASAccount:dummypwd https://SAASAccount.saas.appdynamics.com/controller/rest/applications
* Trying x.x.x.x...
* TCP_NODELAY set
* Connected to SAASAccount.saas.appdynamics.com (x.x.x.x) port 443 (#0)
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=AppDynamics LLC; CN=*.saas.appdynamics.com
* start date: Jun 30 00:00:00 2020 GMT
* expire date: Sep 8 12:00:00 2021 GMT
* issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA
* SSL certificate verify ok.
* Server auth using Basic with user 'internaluser@SAASAccount'
> GET /controller/rest/applications HTTP/1.1
> Host: SAASAccount.saas.appdynamics.com
> Authorization: Basic ZXh0YWRtaW5AZmFidGVzdGRldjpFeHRBZG1pbjEyMyQ=
> User-Agent: curl/7.50.3
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: application/xml
< Date: Mon, 11 Jan 2021 14:10:52 GMT
< Server: AppDynamics
< Set-Cookie: JSESSIONID=1c90d1821ed443f4d6b77e2c4f51; Path=/controller; HttpOnly; Secure
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< Content-Length: 3859
< Connection: keep-alive
<
<applications><application>....


With Proxy - 401 Authentication Error

curl --anyauth -vk --proxy http://myproxy.dummy.com:8080 -U proxyUser -u internaluser@SAASAccount --proxy-anyauth https://SAASAccount.saas.appdynamics.com/controller/rest/applications
Enter host password for user 'internaluser@SAASAccount':
Enter proxy password for user 'proxyUser':
* Trying x.x.x.x...
* TCP_NODELAY set
* Connected to myproxy.dummy.com (x.x.x.x) port 8080 (#0)
* Establish HTTP proxy tunnel to SAASAccount.saas.appdynamics.com:443
> CONNECT SAASAccount.saas.appdynamics.com:443 HTTP/1.1
> Host: SAASAccount.saas.appdynamics.com:443
> User-Agent: curl/7.50.3
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=AppDynamics LLC; CN=*.saas.appdynamics.com
* start date: Jun 30 00:00:00 2020 GMT
* expire date: Sep 8 12:00:00 2021 GMT
* issuer: C=A; ST=City; L=City; O=First City; OU=Dummy IT; CN=Dummy Proxy CA; emailAddress=DummyITSecOps@dummy.com
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET /controller/rest/applications HTTP/1.1
> Host: SAASAccount.saas.appdynamics.com
> User-Agent: curl/7.50.3
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Date: Mon, 11 Jan 2021 14:13:17 GMT
< Server: AppDynamics
< WWW-Authenticate: BASIC realm="controller_realm"
< X-Content-Type-Options: nosniff
< Content-Length: 0
< Cache-Control: proxy-revalidate
< Proxy-Connection: Keep-Alive
< Connection: Keep-Alive
< Set-Cookie: BCSI-CS-15847fdf143cdb98=1; Path=/
< Proxy-support: Session-based-authentication
<
* Curl_http_done: called premature == 0
* Connection #0 to host myproxy.dummy.com left intact
* Issue another request to this URL: 'https://SAASAccount.saas.appdynamics.com/controller/rest/applications'
* Found bundle for host SAASAccount.saas.appdynamics.com: 0x20082c68 [can pipeline]
* Re-using existing connection! (#0) with proxy myproxy.dummy.com
* Connected to myproxy.dummy.com (x.x.x.x) port 8080 (#0)
* Server auth using Basic with user 'internaluser@SAASAccount'
> GET /controller/rest/applications HTTP/1.1
> Host: SAASAccount.saas.appdynamics.com
> Authorization: Basic ZXh0YWRtaW5AZmFidGVzdGRldjpFeHRBZG1pbjEyMyQ=
> User-Agent: curl/7.50.3
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Date: Mon, 11 Jan 2021 14:13:17 GMT
< Server: AppDynamics
* Authentication problem. Ignoring this.
< WWW-Authenticate: BASIC realm="controller_realm"
< X-Content-Type-Options: nosniff
< Content-Length: 0
< Cache-Control: proxy-revalidate
< Proxy-Connection: Keep-Alive
< Connection: Keep-Alive
< Set-Cookie: BCSI-CS-15847fdf143cdb98=1; Path=/
< Proxy-support: Session-based-authentication
<
* Curl_http_done: called premature == 0
* Connection #0 to host myproxy.dummy.com left intact

 

I'm not sure about the proxy that is in place in the organization. Is that supposed to make a difference to the behavior?



Learn more about me in the Community Member Spotlight Q & A
Ashley.Lewis
Maker

Re: Accessing the SAAS Rest APIs through a corporate Proxy - curl command

I was able to get this to work by using the curl command with a header token instead of passing the username and password using an api client user. It looks like it is potentially a problem of the proxy not passing the parameters of username and password on to AppDynamics SAAS.



Learn more about me in the Community Member Spotlight Q & A