Hi.

Im trying to implement my own security manager for BPM 6.4 running in EAP 6.4 also. in which every user with roles defined in a variable in configuration/standalone.xml i.e serverRole should access

For that purpose im trying with the following code, and trying to access some of the resources:

http://localhost:8080/business-central/

or

localhost:8080/business-central/rest/organizationalunits/.

What i get is the following error:

ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (http-localhost.localdomain/127.0.0.1:8080-3) RESTEASY000100: Failed executing GET organizationalunits/: org.jboss.resteasy.spi.UnauthorizedException

Thanks in advance

package com.mycompany.module.loginmodule;


import java.io.IOException;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.HashMap;


import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;


import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.Util;
import org.jboss.security.auth.spi.AbstractServerLoginModule;
import org.jboss.crypto.digest.DigestCallback;




public class SimpleCustomLoginModule extends AbstractServerLoginModule
{
  private Principal identity;
  private char[] credential;
  private static final String SERVER_ROLE = "serverRole";
  private List<String> serverRoles;
  private static final String[] ALL_VALID_OPTIONS = { SERVER_ROLE };



  public void initialize(Subject subject, CallbackHandler callbackHandler,
    Map sharedState, Map options){
    System.out.println("Initialize");
    addValidOptions(ALL_VALID_OPTIONS);
    String strRoles = (String) options.get(SERVER_ROLE);
    serverRoles = Arrays.asList(strRoles.split("\\s"));
    super.initialize(subject, callbackHandler, sharedState, options);
  }

  // No password validations are made
  public boolean login() throws LoginException{
    System.out.println("GET LOGIN");
    String username = getUsername();
    try{
        identity = createIdentity(username);
        System.out.println("IDENTITY NAME :" + identity.getName());
    }
    catch(Exception e){
        throw new LoginException("Failed to create principal: "+ e.getMessage());
    }

    if( getUseFirstPass() == true ){
        sharedState.put("javax.security.auth.login.name", username);
        sharedState.put("javax.security.auth.login.password", credential);
    }
        super.loginOk = true;
        return true;
  }


  protected Principal getIdentity(){
        return identity;
  }




  protected String getUsername() {
        String username = null;
        NameCallback nc = new NameCallback("User name: ", "guest");
        Callback[] cb = {nc};
    try {
        callbackHandler.handle(cb);
        username = nc.getName();
    } catch (IOException e) {
        e.printStackTrace();
    } catch (UnsupportedCallbackException e) {
        e.printStackTrace();
    }
        return username;
  }




  protected Group[] getRoleSets() throws LoginException {
      System.out.println("GET ROLE SETS");
      Group roleGroup = new SimpleGroup("Roles");
      Group callerPrincipal = new SimpleGroup("CallerPrincipal");
      Group[] groups = { roleGroup, callerPrincipal };
      roleGroup.addMember(getIdentity());
      callerPrincipal.addMember(getIdentity());
      return groups;
  }
}