Blog

Overview:

The error "Server returned HTTP response code: 401 for URL" occurs when running CSDT commands from the command-line.

Symptom:

If you're using Oracle WebCenter Sites 11gR1 BP1, the following error will occur when running CSDT commands from the command-line:

java.io.IOException: Server returned HTTP response code: 401 for URL: http://<www.mydomain.com>/cs/ContentServer?pagename=OpenMarket/Xcelerate/PrologA...
/Publish/csdt/CSDTService&command=listds&username=fwadmin&password=mypwd&includeDeps=true
&idMapping=true&resources=%40SITE&datastore=myds

The 401 error occurs with ANY CSDT command from the command-line.

You may also notice the error "Insufficient privileges" when calling the same URL from the command-line (but it works fine in your browser). For example:

curl http://<www.mydomain.com>/cs/ContentServer?pagename=OpenMarket/Xcelerate/PrologA...
/Publish/csdt/CSDTService&command=listds&username=fwadmin&password=mypwd&includeDeps=true
&idMapping=true&resources=%40SITE&datastore=myds

returns the response:

Insufficient privileges

Reason:

BP1 has tighter restrictions on HTTP POST which lock down the CSDT command-line servlet. (Note: this is NOT the case on the plain-vanilla 11gR1 - the security was really tightened as of version 11gR1 BP1.) You'll see an authentication filter registered in your web.xml file in BP1 that isn't there on pre-BP1 releases.

Resolution:

Modify the file <webapps-folder>/cs/WEB-INF/ReqAuthConfig.xml. Change (roughly) line 21 to read the following:

<value>/ContentServer?[pagename=fatwire/wem/sso/ssoLogin|OpenMarket/Xcelerate/Actions/ProcessQueue
|OpenMarket/Xcelerate/Actions/CleanTempObjects|OpenMarket/Xcelerate/Search/Event
|OpenMarket/Xcelerate/PrologActions/Publish/csdt/CSDTService,#]</value>

Restart your app server after the change, then try running the CSDT command again.

Applies to:

Oracle WebCenter Sites 11gR1 BP1