AnsweredAssumed Answered

WAS v2 Session Login

Question asked by dmk9450 on Apr 2, 2013
Latest reply on Apr 2, 2013 by dmk9450

Currently I am using the below curl statements in PHP to access and download different reports from the Qualys Guard WAS v2 using basic authentication. 

 

$host = "https://qualysapi.qualys.com/qps/rest/3.0/count/was/webapp";

 

$process = curl_init($host);

curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/xml', 'X-Requested-With: Curl'));

curl_setopt($process, CURLOPT_HEADER, 1);

curl_setopt($process, CURLOPT_USERPWD, $username. ":" . $password);

curl_setopt($process, CURLOPT_TIMEOUT, 30);

curl_setopt($process, CURLOPT_POST, 1);

curl_setopt($process, CURLOPT_POSTFIELDS, $PAYLOADNAME);

curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);

$return = curl_exec($process);

 

I am hoping to move this over to a session based authentication using CURLOPT_COOKIEJAR and CURLOPT_COOKIEFILE like I have setup to access the 2.0 API, i.e.

 

$host = "https://qualysapi.qualys.com/api/2.0/fo/session/?action=login&username=$username&password=$password";

 

$process = curl_init($host);

curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/xml', 'X-Requested-With: Curl'));

curl_setopt($process, CURLOPT_HEADER, 1);

curl_setopt($process, CURLOPT_TIMEOUT, 30);

curl_setopt($process, CURLOPT_POST, 1);

curl_setopt($process, CURLOPT_POSTFIELDS, $PAYLOADNAME);

curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);

curl_setop($process, CURLOPT_COOKIEJAR, "cookie.txt");

$return = curl_exec($process);

 

Unfortunately I have been unable to use this cookie to access any resources from my Qualys Guard WAS v2 scans.  My question is, Is there a way to access the Qualys Guard WAS v2 in a simiiar fashion to the second set of code above?

Outcomes