Rest-Api basic authentication fails

I use a XWiki with the build-in authentication. If I try to access some rest pages with this account this works without problems (in Firefox).

If I try the credentials in a curl command (like the example in the Rest-Documentation ) I get the following error:

{“code”:401,“contactEmail”:null,“description”:“The request requires user authentication”,“homeRef”:"/",“reasonPhrase”:“Unauthorized”,“uri”:“”}

Is there a simple reason why this won’t work? Where could I get more information whats going on?

XWiki-Version 12.2, openjdk version “1.8.0_265”

Hi @Zwixx,

Note that it might be sometimes error-prone to check accessing a protected resource in Firefox, since depending how you access it, you might actually use your current cookie session for the authentication. Typically if you have opened a session in a tab in your wiki, and you’re trying to perform a get in another tab on the REST API, you’ll actually use the same session for it. This is also true for some REST extensions.
Best if you want to really check on Firefox is by opening a private window for it.

First of all check the logs from your servlet engine (Tomcat or jetty, depending your installation, see:

Now I can imagine two reasons why you couldn’t get to your page:

  1. you didn’t provide right credentials, obviously, but I guess you check that already
  2. you actually made mistakes with your credentials while testing, and you blocked your account with the security mechanism ( Just try to login in the wiki, not using REST API but standard UI, and check if you’re asking for a CAPTCHA to solve: if that the case, then it was that. Just solve the captcha, and authenticate, and your REST call should work properly.

Firefox works fine. No Problem. That’s because I’m confused.

Yes, the log says:

3 times:
2020-10-12 18:11:25,604 [http://ddd.tld:8080/xwiki/rest/wikis/.../spaces/.../spaces/Addons/spaces/Listener/pages/WebHome] WARN nticationFailureLoggerListener
Authentication failure with login [RestUserName]
At last:
Okt 12, 2020 6:32:37 PM verify
WARNUNG: Cannot authenticate ‘RestUserName’.

yes, many times.

No, I logged in with Firefox, test while I’m logged in logged out and in… and so on.

The right user is in the logs, but no success on login.

Sounds like the 3 times it’s an authentication failure problem (so wrong credentials) and the final one, is because you blocked your account: you need to logout and login back on firefox with the captcha resolution.
Now if you’re using same credentials to login on firefox, I don’t see why it doesn’t work on curl, maybe a problem with some special characters? Maybe you could reset your password to something simpler for a simple test, and try back with a more complex one to see if the problem is not there?

No, the Account is not blocked.

I found a thing, that’s weird. The User I used is a User of a subwiki. The Admin credentials works. Is there a problem with Users of a subwiki?

Apparently there is: I just reproduced locally. I didn’t find an existing JIRA issue for it so I’ll create a new one.
[EDIT: I opened for it]