[jboss-user] [jBPM] - jbpm-console invocation of services & j_security_check

Thu Apr 28 11:01:59 EDT 2011

Janina Faggiano [http://community.jboss.org/people/jfaggiano] created the discussion

"jbpm-console invocation of services & j_security_check"

To view the discussion, visit: http://community.jboss.org/message/602570#602570

--------------------------------------------------------------
I'm trying to invoke the services of the console without using the gwt client. 
Whenever I request a service from my EJB throws me the following response.

<html>
<head>
  <title>HTTP 401</title> <!-- Do not remove -->
</head>
<body>
<form method="POST" action="j_security_check">

  <center/>
  <br><br>

  <div style="font-family:sans-serif;border:1px solid black; width:270;padding:15px;">
    <h2>BPM Console Server</h2>

    <table with=250>
    <tr>
      <td>Username:</td>
      <td><input type="text" name="j_username"></td>
    </tr>
    <tr>
      <td>Password:</td>
      <td><input type="password" name="j_password"></td>
    </tr>
    <tr>
      <td></td>
      <td align=right><input type="submit"/></td>
    </tr>
  </table>
  </div>
</form>
</body>
</html>

I was checking out the code in jbpm-gwt-console project, and before invoking any service gwt client authenticates against the server to access the services with the following code.

 String formAction = config.getConsoleServerUrl() + "/rs/identity/secure/j_security_check";
 RequestBuilder rb = new RequestBuilder(RequestBuilder.POST, formAction);
 rb.setHeader("Content-Type", "application/x-www-form-urlencoded");

 try
    {
      rb.sendRequest("j_username="+user+"&j_password="+pass, 
                new RequestCallback()
          {

            public void onResponseReceived(Request request, Response response)
            {
              ConsoleLog.debug("postLoginCredentials() HTTP "+response.getStatusCode());

              if(response.getText().indexOf("HTTP 401")!=-1) // HACK
              {
                if (callback != null)
                  callback.onLoginFailed(request, new Exception("Authentication failed"));
                else
                  throw new RuntimeException("Unknown exception upon login attempt");
              }
              else if(response.getStatusCode()==200) // it's always 200, even when the authentication fails
              {
                DeferredCommand.addCommand(
                    new Command()
                    {

                      public void execute()
                      {
                        requestAssignedRoles();
                      }
                    }
                );
              }
            }

My code in EJB for invoke service j_security_check is:

  URL url = new URL(" http://localhost:8080/gwt-console-server/rs/identity/secure/j_security_check http://localhost:8080/gwt-console-server/rs/identity/secure/j_security_check");
          HttpURLConnection connection = (HttpURLConnection) url.openConnection();
          connection.setRequestMethod(POST);
          connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        connection.addRequestProperty("j_password", "krisv"); 
        connection.addRequestProperty("j_username", "krisv"); 

          // do request
          connection.connect();

The response is error LoginFailed.

The user krisv is ok for gwt-console-server.

Someone can help me with this.

Thanks
--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/602570#602570]

Start a new discussion in jBPM at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2034]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110428/a918e257/attachment-0001.html 