JBoss BPM Suite 6.2 - RestAPI authentication for client applications

For the astute JBoss BPM fan it will not have escaped you that the community has been hard at work putting together a lot of new features for the upcoming JBoss BPM Suite 6.2 release.

With the early internal Red Hat releases being made available, some of the testing I do around updating the array of demo projects we have has revealed a subtle change. It got me to thinking that I could point out a few of these tips and tricks to your as the product approaches delivery to the public.

The RestAPI is a much used feature of JBoss BPM Suite and one if the first changes you will bump into is that the user making use of the interface needs to have a new role added to their privileges.

If you use a previous client application that was connecting to JBoss BPM Suite, the user did not need a specific role. For example our Generic Loan demo project contains a client application to pre-load our process.

 java -jar jboss-generic-loan-demo-client.jar erics bpmsuite1!

The results of this call in JBoss BPM Suite 6.2 without the new role would be:

 
Exception in thread "main" org.kie.services.client.api.command.exception.RemoteCommunicationException: Unable to retrieve content from response!

at org.kie.services.client.api.command.AbstractRemoteCommandObject.executeRestCommand(AbstractRemoteCommandObject.java:425)
at org.kie.services.client.api.command.AbstractRemoteCommandObject.executeCommand(AbstractRemoteCommandObject.java:128)
at org.kie.services.client.api.command.KieSessionClientCommandObject.startProcess(KieSessionClientCommandObject.java:286)
at com.redhat.bpms.examples.mortgage.CreateProcesses.populateSamples(CreateProcesses.java:57)
at com.redhat.bpms.examples.mortgage.CreateProcesses.main(CreateProcesses.java:47)
Caused by: org.kie.remote.common.rest.KieRemoteHttpRequestException: Unable to retrieve input stream of response
at org.kie.remote.common.rest.KieRemoteHttpRequest.responseStream(KieRemoteHttpRequest.java:1365)
at org.kie.remote.common.rest.KieRemoteHttpRequest.responseBuffer(KieRemoteHttpRequest.java:1383)
at org.kie.remote.common.rest.KieRemoteHttpRequest.responseBody(KieRemoteHttpRequest.java:1325)
at org.kie.remote.common.rest.KieRemoteHttpRequest.access$2100(KieRemoteHttpRequest.java:117)
at org.kie.remote.common.rest.KieRemoteHttpRequest$4.body(KieRemoteHttpRequest.java:1291)
at org.kie.services.client.api.command.AbstractRemoteCommandObject.executeRestCommand(AbstractRemoteCommandObject.java:404)
... 4 more

Caused by: java.net.HttpRetryException: cannot retry due to server authentication, in streaming mode
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1637)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
at org.kie.remote.common.rest.KieRemoteHttpRequest.responseCode(KieRemoteHttpRequest.java:1305)
at org.kie.remote.common.rest.KieRemoteHttpRequest.post(KieRemoteHttpRequest.java:719)
at org.kie.services.client.api.command.AbstractRemoteCommandObject.executeRestCommand(AbstractRemoteCommandObject.java:392)
... 4 more

The role needs to be added to the file application-roles.properties and put into the standalone server directory, jboss-eap-6.4/standalone/configuration/application-roles.properties. For example, in our project you will find it looks like this:

erics=analyst,admin,manager,user,loanOfficer,kie-server,rest-all

Now when you run the client application to pre-load your processes you will see:

$ java -jar support/jboss-mortgage-demo-client.jar erics bpmsuite1!

Started process instances successfully!

Looking to Automate your business?

For more details you can explore this in the Generic Loan demo project as found in JBoss Demo Central.