RestAPI Authentication for Client Applications in JBoss BPM Suite

DZone 's Guide to

RestAPI Authentication for Client Applications in JBoss BPM Suite

JBoss BPM Suite 6.2 boasts loads of new awesome features. RestAPI is one of the best. Learn more about RestAPI authentication for client apps in JBoss BPM Suite.

· Integration Zone ·
Free Resource

For the astute JBoss BPM fan, it will not have escaped you that the community has been hard at work putting together a lot of new features for the upcoming JBoss BPM Suite 6.2 release.

With the early internal Red Hat releases not being made available, some of the testing I do around updating the array of demo projects we have has revealed a subtle change. It got me to thinking that I could point out a few of these tips and tricks to your as the product approaches delivery to the public.

The RestAPI is a much used feature of JBoss BPM Suite and one if the first changes you will bump into is that the user making use of the interface needs to have a new role added to their privileges.

If you use a previous client application that was connecting to JBoss BPM Suite, the user did not need a specific role. For example our Generic Loan demo project contains a client application to pre-load our process.

java -jar jboss-generic-loan-demo-client.jar erics bpmsuite1!

The results of this call in JBoss BPM Suite 6.2 without the new role would be:

Exception in thread "main" org.kie.services.client.api.command.exception.RemoteCommunicationException: Unable to retrieve content from response!

at org.kie.services.client.api.command.AbstractRemoteCommandObject.executeRestCommand(AbstractRemoteCommandObject.java:425)
at org.kie.services.client.api.command.AbstractRemoteCommandObject.executeCommand(AbstractRemoteCommandObject.java:128)
at org.kie.services.client.api.command.KieSessionClientCommandObject.startProcess(KieSessionClientCommandObject.java:286)
at com.redhat.bpms.examples.mortgage.CreateProcesses.populateSamples(CreateProcesses.java:57)
at com.redhat.bpms.examples.mortgage.CreateProcesses.main(CreateProcesses.java:47)
Caused by: org.kie.remote.common.rest.KieRemoteHttpRequestException: Unable to retrieve input stream of response
at org.kie.remote.common.rest.KieRemoteHttpRequest.responseStream(KieRemoteHttpRequest.java:1365)
at org.kie.remote.common.rest.KieRemoteHttpRequest.responseBuffer(KieRemoteHttpRequest.java:1383)
at org.kie.remote.common.rest.KieRemoteHttpRequest.responseBody(KieRemoteHttpRequest.java:1325)
at org.kie.remote.common.rest.KieRemoteHttpRequest.access$2100(KieRemoteHttpRequest.java:117)
at org.kie.remote.common.rest.KieRemoteHttpRequest$4.body(KieRemoteHttpRequest.java:1291)
at org.kie.services.client.api.command.AbstractRemoteCommandObject.executeRestCommand(AbstractRemoteCommandObject.java:404)
... 4 more

Caused by: java.net.HttpRetryException: cannot retry due to server authentication, in streaming mode
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1637)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
at org.kie.remote.common.rest.KieRemoteHttpRequest.responseCode(KieRemoteHttpRequest.java:1305)
at org.kie.remote.common.rest.KieRemoteHttpRequest.post(KieRemoteHttpRequest.java:719)
at org.kie.services.client.api.command.AbstractRemoteCommandObject.executeRestCommand(AbstractRemoteCommandObject.java:392)
... 4 more

The role needs to be added to the file application-roles.properties and put into the standalone server directory, jboss-eap-6.4/standalone/configuration/application-roles.properties. For example, in our project you will find it looks like this:


Now when you run the client application to pre-load your processes you will see:

$ java -jar support/jboss-mortgage-demo-client.jar erics bpmsuite1!

Started process instances successfully!

For more details you can explore this in the Generic Loan demo project as found in JBoss Demo Central.

security ,jboss ,rest

Published at DZone with permission of Eric D. Schabell , DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}