5 Replies Latest reply on Jun 4, 2014 1:39 AM by swiderski.maciej

Expose Servlet along with JBPM UI How?

tmcclure0501 Jun 2, 2014 7:15 PM

I want to define a servlet that exposes some functionality - not the complete JBPM UI- in order to do this I want to define a url that redirects to login.jsp/j_security_check and then calls GET on the original URL passed in. I cannot get this to work as the URL states it needs authorization - because I placed it in the following element in the web.xml:

<filter-mapping>

<filter-name>UberFire Security Filter</filter-name>

<url-pattern>/rest/*</url-pattern>

<url-pattern>/maven2/*</url-pattern>

<url-pattern>/org.kie.workbench.KIEWebapp/*</url-pattern>

<url-pattern>/process/*</url-pattern>

<url-pattern>*.erraiBus</url-pattern>

</filter-mapping>

I noticed the following defined:

<filter-mapping>

<filter-name>UberFire Security Filter</filter-name>

<url-pattern>/rest/*</url-pattern>

<url-pattern>/maven2/*</url-pattern>

<url-pattern>/org.kie.workbench.KIEWebapp/*</url-pattern>

<url-pattern>/process/*</url-pattern>

<url-pattern>*.erraiBus</url-pattern>

</filter-mapping>

<init-param>

<param-name>org.uberfire.auth.force.url</param-name>

<param-value>/org.kie.workbench.KIEWebapp/KIEWebapp.html</param-value>

</init-param>

And the following comment:

org.uberfire.auth.force.url lets us specify the location that UberFire redirects to following a successful authentication (login) attempt.

I want to go to the servlet passed in on the URL not forced to kie workbench - is this possible?

Tim

1. Re: Expose Servlet along with JBPM UI How?

swiderski.maciej Jun 3, 2014 1:35 AM (in response to tmcclure0501)

as soon as you'll make the URL (your servlet) to be secured behind JEE security and UF security filter then upon successful logon app server will redirect you to requested (and protected) resource. So that means you'll need to add your servlet mapping to both UF security filter and JEE security constraint list and that should to the work.

HTH
Actions
2. Re: Expose Servlet along with JBPM UI How?

tmcclure0501 Jun 3, 2014 8:49 AM (in response to swiderski.maciej)
Maciej,

I did not notice any security constraints being defined in the jboss web.xml - also I notice this being defined:
org.uberfire.auth.force.url lets us specify the location that UberFire redirects to following a successful authentication (login) attempt.
Does this mean all successful login will be redirected here?

Tim
Actions
3. Re: Expose Servlet along with JBPM UI How?

tmcclure0501 Jun 3, 2014 8:57 AM (in response to tmcclure0501)

Actually I was looking in the jetty web.xml - I see the constraint in the jboss web.xml - I will try modifying it.

Tim
Actions
4. Re: Expose Servlet along with JBPM UI How?

tmcclure0501 Jun 3, 2014 10:11 AM (in response to tmcclure0501)

<init-param>
      <param-name>org.uberfire.auth.force.url</param-name>
      <param-value>/org.kie.workbench.KIEWebapp/KIEWebapp.html</param-value>
    </init-param>

Maciej,

I got it to work by commenting out the lines specified above from the web.xml and everything seems to work. Not sure why you would want to force to a url anyway. Are there any reprecussions in commenting this out?

Tim
Actions
5. Re: Expose Servlet along with JBPM UI How?

swiderski.maciej Jun 4, 2014 1:39 AM (in response to tmcclure0501)

this force url is mostly for UI thing to always start with main page to load GWT modules properly. If the application works fine for your case it seems to be safe to keep it as is. Alternatively you'll need to check if you need to be actually protected by UberFire security or not. Might be enough to only rely on container security if you servlet does not refer to any UberFire functionality.

HTH
Actions

Go to original post