Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

neo4j REST API Authentication and Authorization

Tags:

neo4j

I input

http://localhost:7474/user/neo4j

on the web browser and I receive the message:

{
"errors" : [ {
"message" : "No authorization header supplied.",
"code" : "Neo.ClientError.Security.AuthorizationFailed"
} ]
}

I search the document on neo4j and it says that:

Authenticate by sending a username and a password to Neo4j using HTTP Basic Auth. Requests should include an Authorization header, with a value of Basic <payload>, where "payload" is a base64 encoded string of "username:password".

Example request

GET http://localhost:7474/user/neo4j
Accept: application/json; charset=UTF-8
Authorization: Basic bmVvNGo6c2VjcmV0 

Example response

200: OK
Content-Type: application/json; charset=UTF-8 

I'm using web browser to view information, how can I "include an Authorization header" in web browser(Firefox)? I don't understand what it says. How to input these example request?

like image 274
anhtv13 Avatar asked Feb 09 '23 12:02

anhtv13


1 Answers

The simplest way to pass the authentication header with just your browser is to use in-URL authentication:

http://username:password@localhost:7474/user/neo4j


More generally, when testing REST APIs, it's best to use a command-line tool such as curl rather than a browser. If you're on Linux/Mac then you're likely to have curl already installed. If you're on Windows there are downloads of curl available.

Curl allows you to fine-tune the headers you send as follows:

curl --header 'Authorization: Basic dGVzdDp0ZXN0' 'http://localhost:7474/user/neo4j'

Or more simply you can use the --user option:

curl --user 'myusername:mypassword' 'http://localhost:7474/user/neo4j'

Purely as an aside, the WWW-Authenticate header in the response from Neo4J is as follows:

WWW-Authenticate: None

If instead it contained a value for the scheme and realm, then Firefox would have popped up a dialogue prompting you for a username and password:

WWW-Authenticate: Basic realm="WallyWorld"

Upon entering the username/password, FF would send a subsequent request with the appropriate Authorization header containing the base64-encoded value of the provided username:password.

More detailed info on HTTP Basic Authentication is given here: HTTP Basic Authentication

like image 61
Ben Rowland Avatar answered Feb 28 '23 23:02

Ben Rowland