0 Replies Latest reply on Apr 28, 2011 11:01 AM by jfaggiano

    jbpm-console invocation of services & j_security_check

    jfaggiano

      I'm trying to invoke the services of the console without using the gwt client.

      Whenever I request a service from my EJB throws me the following response.

       

       

      <html>

      <head>

        <title>HTTP 401</title> <!-- Do not remove -->

      </head>

      <body>

      <form method="POST" action="j_security_check">

       

       

        <center/>

        <br><br>

       

       

        <div style="font-family:sans-serif;border:1px solid black; width:270;padding:15px;">

          <h2>BPM Console Server</h2>

       

          <table with=250>

          <tr>

            <td>Username:</td>

            <td><input type="text" name="j_username"></td>

          </tr>

          <tr>

            <td>Password:</td>

            <td><input type="password" name="j_password"></td>

          </tr>

          <tr>

            <td></td>

            <td align=right><input type="submit"/></td>

          </tr>

        </table>

        </div>

      </form>

      </body>

      </html>

       

      I was checking out the code in jbpm-gwt-console project, and before invoking any service gwt client authenticates against the server to access the services with the following code.

       

      String formAction = config.getConsoleServerUrl() + "/rs/identity/secure/j_security_check";

      RequestBuilder rb = new RequestBuilder(RequestBuilder.POST, formAction);

      rb.setHeader("Content-Type", "application/x-www-form-urlencoded");

       

      try

          {

            rb.sendRequest("j_username="+user+"&j_password="+pass,

                      new RequestCallback()

                {

       

                  public void onResponseReceived(Request request, Response response)

                  {

                    ConsoleLog.debug("postLoginCredentials() HTTP "+response.getStatusCode());

       

       

                    if(response.getText().indexOf("HTTP 401")!=-1) // HACK

                    {

                      if (callback != null)

                        callback.onLoginFailed(request, new Exception("Authentication failed"));

                      else

                        throw new RuntimeException("Unknown exception upon login attempt");

                    }

                    else if(response.getStatusCode()==200) // it's always 200, even when the authentication fails

                    {

                      DeferredCommand.addCommand(

                          new Command()

                          {

       

       

                            public void execute()

                            {

                              requestAssignedRoles();

                            }

                          }

                      );

                    }

                  }

       

       

      My code in EJB for invoke service j_security_check is:

       

        URL url = new URL("http://localhost:8080/gwt-console-server/rs/identity/secure/j_security_check");

                HttpURLConnection connection = (HttpURLConnection) url.openConnection();

                connection.setRequestMethod(POST);

                connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");

              connection.addRequestProperty("j_password", "krisv");

              connection.addRequestProperty("j_username", "krisv");

       

                // do request

                connection.connect();

       

       

      The response is error LoginFailed.

       

      The user krisv is ok for gwt-console-server.

       

      Someone can help me with this.

       

      Thanks