Created attachment 885299 [details] bpmn process Description of problem: You can't use built-in rest task for querying *OUR* own REST API. The likely reason for this is that our rest api does not use basic auth but some sort of mixed one so you need to set AUTH_HEADER manually. This is apparently not possible with the current implementation of REST Task, this capability needs to be added - so use can configure it via task variable which will be handled correctly in the handler class. Testing/using REST Task with business-central/rest URL is very often case. Version-Release number of selected component (if applicable): bpm 6.0.0 bpm 6.0.1 How reproducible: always Steps to Reproduce: 1. Configure rest task with url which points to business-central rest api 2. start the process 3. Actual results: REST Task configured with url pointing to business-central/rest endpoint fails with 401 Expected results: REST Task configured with url pointing to business-central/rest endpoint is properly executed Additional info: I have attached simple project which I have used for testing as well as the error I have received in the server.log - it's standard 401 displayed in JBoss.
Created attachment 885300 [details] 401
It would be neat if there shouldn't be any additional configuration, but handler class would recognize our own rest endpoint and executed the necessary authentication.
there are two issues that need to be addressed: 1. we need to use preemptive authentication and this has already been fixed by https://issues.jboss.org/browse/JBPM-4298 on master 2. specify default user and password for the RestWorkItemHandler in the CustomWorkItemHandler.conf file it can be as simple as two empty string with that REST work item handler works fine with kie-wb REST api. So it should be enough to back port the jira. As it comes for the other case we might want to first handler to change the auth type when user and password is given as parameters. As currently it is globally configured per handler instance. Votes?
The jira mentioned in comment 6 will be included in 6.1 version so the remaining part is to configure handler to use BASIC authentication. My vote is to stick with what we have now and if needed reconfigure it using deployment descriptors per kjar/project. What do you think?
any project can enable rest work item handler to use basic auth that allows to use business central REST api without an issue. gunner asset mgmt stuff actually uses it, see here [1] how it can be enabled in deployment descriptor and then user name and password can be given as work item parameters. Note that you can give actual user name and password in deployment descriptor as well though it will not be encrypted in any way. [1] https://github.com/droolsjbpm/guvnor/blob/master/guvnor-asset-mgmt/guvnor-asset-mgmt-project/src/main/resources/META-INF/kie-deployment-descriptor.xml#L29 Marking as modified as with proper configuration REST work item handler can interact with business central REST api.
Failed in BPMS 6.1.0.ER3 Every REST operation requested within a process instance timeouts because it cannot commit a session. I will attach the server log. To reproduce the same problem: 1) Create a new project 2) Configure Deployment Descriptor to set the username and password. For example: new org.jbpm.process.workitem.rest.RESTWorkItemHandler("ibek","ibek1234;") 3) Create a BPMN process definition consisting of a REST service task starting a new process. For example: http://localhost:8080/business-central/rest/runtime/org.jboss:integration:2.0.0-SNAPSHOT/process/org.jboss.qa.bpms.ScriptTask/start 4) Build and deploy the project 5) Start the process with REST service task - notice the form won't disappear and an error dialog will show up. The important thing is, that the REST operation is executed (new process started, signal sent, ...) however the parent process will fail.
Created attachment 970631 [details] server log Attached the server log. Notice the line from the server log below: 16:33:28,677 INFO [stdout] (http-localhost.localdomain/127.0.0.1:8080-1) Hello World!!! That means, the REST start process operation was actually executed.
Ivo, do you by any change use singleton session and both processes are in the same project/kjar?
Verified in BPMS 6.1.0.ER3 As Maciej assumed, the problems were caused by use of singleton session. After change to per process instance session and adding Multi-Version Concurrency Control (MVCC), executions of REST operations worked fine. Thank you, Maciej
We have discovered a limitation of the current solution, see BZ1209479. Http authentication method of a REST task cannot be explicitly set. It can be set only indirectly like this new org.jbpm.process.workitem.rest.RESTWorkItemHandler("ibek","ibek1234;") see [1]. This means a limitation, because imagine a process definition which has several REST tasks, where each one uses a different remote endpoint and a different auth method. One configuration of one RestWorkItemHandler cannot handle that. Documentation team, can you please document this? [1] https://github.com/droolsjbpm/jbpm/blob/6.2.x/jbpm-workitems/src/main/java/org/jbpm/process/workitem/rest/RESTWorkItemHandler.java#L128
Afaik this should be possible, you can use "Username" and "Password" parameters to override the defaults provided in the constructor: https://github.com/droolsjbpm/jbpm/blob/6.2.x/jbpm-workitems/src/main/java/org/jbpm/process/workitem/rest/RESTWorkItemHandler.java#L281
Kris, have you read the linked bugzilla description? You can set "Username" and "Password" as you say, but the problem is elsewhere. You cannot set explicitly http auth type.
Yes, you can't use different auth type currently (you can only override username/password), I suggest you open a new BZ as feature request to tackle this part.