4 Replies Latest reply on Apr 12, 2013 4:36 AM by rigazilla

    Problem with jbpm-console (business-central) in BRMS server

    jmiguel77

      Hi

       

      I am trying to access the REST api that is included in the BRMS server, but the problem is that the brms-central-server has FORM authentication by default:

       

      <login-config>

          <auth-method>FORM</auth-method>

          <form-login-config>

            <form-login-page>/login.html</form-login-page>

            <form-error-page>/login_failed.html</form-error-page>

          </form-login-config>

        </login-config>

       

      And i have found no way to access the REST resources with a client that handles that kind of authentication. So, i changed it to BASIC auth:

       

      <login-config>

          <auth-method>BASIC</auth-method>

          <realm-name>GWT Console Server</realm-name>

        </login-config>

       

      This i did, by editing the file in brms-standalone-5.3.0/jboss-as/server/default/deploy/business-central-server.war/WEB-INF/web.xml. After this change, i am able to interact with the REST resources.

       

      But, the jbpm console gui (/business-central/app.html) is not working anymore. I introduced the correct user / password and cannot login to the jbpm console.

       

      What else do i need to configure to have both systems working correctly ??

        • 1. Re: Problem with jbpm-console (business-central) in BRMS server
          mohreece

          Hi Jose,

           

          Maybe not the answer to the question you're asking, but it may be one that addresses your problem: you can access the Business Central REST API, but it's a little 'tricky' to getting around the form authentication to get there.

           

          When you first access the API with e.g. the Apache DefaultHttpClient, the response will contain the HTML containing the form. Upon that response, you need to POST the credentials:

           

          {code}

                  final DefaultHttpClient httpClient = new DefaultHttpClient();

                  final String url = BUSINESS_CENTRAL_REST_BASE_URL + RESOURCE_PATH + "/j_security_check";

           

                  final List<NameValuePair> formParms = new ArrayList<NameValuePair>();

                  formParms.add(new BasicNameValuePair("j_username", BUSINESS_CENTRAL_USER_NAME));

                  formParms.add(new BasicNameValuePair("j_password", BUSINESS_CENTRAL_PASSWORD));

           

                  String responseString = null;

                  try {

                      final HttpPost httpPost = new HttpPost(url);

                      httpPost.setEntity(new UrlEncodedFormEntity(formParms, "UTF-8"));

           

                      final HttpResponse response = httpClient.execute(httpPost);

                      responseString = EntityUtils.toString(response.getEntity());

                      EntityUtils.consume(response.getEntity());

                  } catch (final Exception e) {

                      e.printStackTrace();

                  }

          {code}

           

          When this returns with an HTTP 200 response you can retry your original request - which should succeed.

           

          Basically, this is the same scenario that a browser goes through in the case of form authentication. Now one can certainly argue that this kind of authentication doesn't belong on a (true) REST interface, as it relies on server state (you only log in once per session, and the server remembers your credentials for that session) which goes against REST's principle of stateless-ness. But I guess for now we just have to make do with the implementation the Business Central server is providing us...

          1 of 1 people found this helpful
          • 2. Re: Problem with jbpm-console (business-central) in BRMS server
            rigazilla

            Hi Jose,

             

            I also need to run the jbpm-console with basic authentication.

             

            Did you find a solution to this problem?

             

            Thanks,

            Vittorio

            • 3. Re: Problem with jbpm-console (business-central) in BRMS server
              jmiguel77

              Hi Vittorio

               

              Sadly no, i had to build my solution working against the form authentication

               

              I can help you with some code, if you need it

              • 4. Re: Problem with jbpm-console (business-central) in BRMS server
                rigazilla

                Hi Jose,

                 

                we decided to go for a separated war for our rest services with basic authentication.

                 

                So basically this will be our arch:

                gwt-console + server as is, with form auth

                war with business rest service with basic auth

                 

                Thanks for you offer to share you code with us!

                 

                Ciao,

                Vittorio