Summary : This article explains how to query the AirWave XML API using cURL and the new X-BISCOTTI header requirement.
Introduction : Starting in AirWave 8.0.X the AirWave XML API now requires specifying an X-BISCOTTI header when making API requests. This article will show an example query of the AirWave XML API using cURL and this new header requirement.
Environment : AirWave 8.0.X versions XML API
Answer :
First we need to do an initial login to create an authentication cookie and get the X-BISCOTTI value.
[root@localhost mercury]# curl -k -D /tmp/hjar -c /tmp/cjar -d "credential_0=admin" -d "credential_1=admin" -d "destination=/" -d "login=Log In" https://10.0.6.10/LOGIN
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="/">here</a>.</p>
<hr>
<address>Apache Server at localhost.localdomain Port 80</address>
</body></html>
Next we can verify the contents of /tmp/cjar contains an authentication cookie and that /tmp/hjar contains the header response including the X-BISCOTTI value.
[root@localhost mercury]# cat /tmp/cjar
# Netscape HTTP Cookie File
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.
10.0.6.10 FALSE / TRUE 1415035555 Mercury::Handler::AuthCookieHandler_AMPAuth 9372d76ffaca0879cec19d84225eab0d
[root@localhost mercury]# cat /tmp/hjar
HTTP/1.1 302 Found
Date: Mon, 06 Oct 2014 16:26:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
X-CONTENT-TYPE-OPTIONS: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: Mercury::Handler::AuthCookieHandler_AMPAuth=6153f42e8c05a1f9b3cc5e83660cd0aa; expires=Mon, 03 Nov 2014 17:26:19 GMT; path=/; secure
X-BISCOTTI: /UfiqpiCRcDRGRyl32SWDsw
Pragma: no-cache
Location: /
Content-Length: 256
Content-Type: text/html; charset=iso-8859-1
Expires: Mon, 06 Oct 2014 16:26:19 GMT
We may now query the AirWave XML API using the following cURL command which includes the X-BISCOTTI value from the /tmp/hjar output above:
[root@localhost mercury]# curl -k --header "X-BISCOTTI: /UfiqpiCRcDRGRyl32SWDsw" -b /tmp/cjar https://10.0.6.10/ap_list.xml
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<amp:amp_ap_list version="1" xmlns:amp="http://www.airwave.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.airwave.com amp_ap_list.xsd">
<ap id="9">
<device_category>other</device_category>
<group id="1">Access Points</group>
<is_up>true</is_up>
...output truncated...
This completes an AirWave XML API query with cURL using the new X-BISCOTTI header value.
Troubleshooting :
Confirm the values in /tmp/cjar and /tmp/hjar when making your initial login request. This will allow you to verify if you have successfully authenticated. Check the cURL manual for further information on options specified and additional options by running the "man curl" command.