Project

General

Profile

Task #7903

Need to implement/support the default http methods - HEAD and GET on all DataONE API (both cn and mn)

Added by Matthew Jones about 5 years ago. Updated about 5 years ago.

Status:
New
Priority:
Normal
Assignee:
Category:
d1_cn_rest
Target version:
-
Start date:
2016-10-07
Due date:
% Done:

0%

Story Points:
Sprint:

Description

Developers on the Whole Tale project at NCSA reported a bug in the HTTP HEAD request for our resolve service URIs. Example output below to reproduce the error.

Expected: a status code of 200

xarth@shakuras ~ $ curl --head https://cn.dataone.org/cn/v2/resolve/urn%3Auuid%3Ae9ff8bfe-f12d-4630-a6f1-f3eab740be6f
HTTP/1.1 500 Internal Server Error
Date: Fri, 07 Oct 2016 23:00:14 GMT
Server: Apache/2.2.22 (Ubuntu)
Content-Length: 260
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Content-Type, Location, Content-Length, x-annotator-auth-token
Access-Control-Expose-Headers: Content-Length, Content-Type, Location
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml;charset=UTF-8

xarth@shakuras ~ $ curl --head https://knb.ecoinformatics.org/knb/d1/mn/v2/object/urn%3Auuid%3Ae9ff8bfe-f12d-4630-a6f1-f3eab740be6f
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2016 23:00:48 GMT
Server: Apache/2.4.7 (Ubuntu)
Set-Cookie: JSESSIONID=7DC18368F71D5D9948371B3C33437E8B; Path=/knb/; Secure
DataONE-Checksum: SHA-1,927a11b6e46b771c9922083814f6ee8e5b09f696
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
DataONE-ObjectFormat: application/octet-stream
DataONE-SerialVersion: 0
Content-Length: 2809655736
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Content-Type: text/xml

History

#1 Updated by Jing Tao about 5 years ago

I think the reason that the command gets the internal error is our DataONE rest API doesn't support the "HEAD" method for the "resolve". The "resolve" only supports the "GET" http method.

I saw those error on cn-stage-2:
20161008-00:52:25: [DEBUG]: URI Template variables for request [/v2/resolve/0e945ef6-48e1-433c-9962-e7cebb6b9ebd] are {} [org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping]
20161008-00:52:25: [DEBUG]: Mapping [/v2/resolve/0e945ef6-48e1-433c-9962-e7cebb6b9ebd] to HandlerExecutionChain with handler [org.dataone.cn.rest.proxy.controller.v2.CNReadController@107bdc6] and 1 interceptor [org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping]
20161008-00:52:25: [DEBUG]: Last-Modified value for [/cn/v2/resolve/0e945ef6-48e1-433c-9962-e7cebb6b9ebd] is: -1 [org.springframework.web.servlet.DispatcherServlet]
20161008-00:52:25: [DEBUG]: Resolving exception from handler [org.dataone.cn.rest.proxy.controller.v2.CNReadController@107bdc6]: org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'HEAD' not supported [org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerExceptionResolver]
20161008-00:52:25: [DEBUG]: Could not complete request [org.springframework.web.servlet.DispatcherServlet]
org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'HEAD' not supported

If we specify the "GET" method on the curl command, it will work:

valley:metacat tao$ curl --head -X GET https://cn.dataone.org/cn/v2/resolve/urn%3Auuid%3Ae9ff8bfe-f12d-4630-a6f1-f3eab740be6f
HTTP/1.1 303 See Other
Date: Sat, 08 Oct 2016 00:57:51 GMT
Server: Apache/2.2.22 (Ubuntu)
Set-Cookie: JSESSIONID=51113F8C98820CBC1FA2CEB21A201D8E; Path=/cn/; Secure; HttpOnly
Location: https://knb.ecoinformatics.org/knb/d1/mn/v2/object/urn:uuid:e9ff8bfe-f12d-4630-a6f1-f3eab740be6f
Content-Length: 491
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Content-Type, Location, Content-Length, x-annotator-auth-token
Access-Control-Expose-Headers: Content-Length, Content-Type, Location
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Vary: Accept-Encoding
Content-Type: text/xml;charset=UTF-8

#2 Updated by Matthew Jones about 5 years ago

My interpretation of HTTP 1.1 is that GET and HEAD methods are required for all servers, while other methods are optional. See in particular section 4.1 of RFC 7231, which says:

https://tools.ietf.org/html/rfc7231#page-21

All general-purpose servers MUST support the methods GET and HEAD.
All other methods are OPTIONAL.
...
However, the set of allowed
methods can change dynamically. When a request method is received
that is unrecognized or not implemented by an origin server, the
origin server SHOULD respond with the 501 (Not Implemented) status
code. When a request method is received that is known by an origin
server but not allowed for the target resource, the origin server
SHOULD respond with the 405 (Method Not Allowed) status code.

Even if you ignore the first sentence, then the status code should still be 501 (not Implemented) or 405 (Method Not Allowed), rather than internal server error.

#3 Updated by Dave Vieglais about 5 years ago

Although this observation is particular to the resolve method, it is broadly applicable. DataONE offers services over the HTTP protocol. Hence, it is necessary to always default to the protocol specifications when actions are not defined in the DataONE API specifications.

#4 Updated by Jing Tao about 5 years ago

  • Subject changed from HEAD request on CN resolve service returns internal service error to Need to implement/support the default http methods - HEAD and GET on all DataONE API (both cn and mn)

Yeah, we need support them. I modified the title of the ticket as well.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)