Bug 1209479 - Cannot query REST interface of business central from a REST task that uses default RestWorkItemHandler
Summary: Cannot query REST interface of business central from a REST task that uses de...
Keywords:
Status: CLOSED EOL
Alias: None
Product: JBoss BPMS Platform 6
Classification: Retired
Component: jBPM Core
Version: 6.1.0
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: DR1
: 6.2.0
Assignee: Alessandro Lazarotti
QA Contact: Ivo Bek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-04-07 12:59 UTC by Jiri Svitak
Modified: 2020-03-27 20:05 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2020-03-27 20:05:35 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
RestTask.bpmn2 (13.79 KB, text/plain)
2015-04-07 12:59 UTC, Jiri Svitak 		no flags Details
Process with rest task that works properly (15.28 KB, application/xml)
2015-09-29 12:12 UTC, Maciej Swiderski 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1086639 0 medium CLOSED REST Task fails with 401 when using business-central/rest endpoint 2021-02-22 00:41:40 UTC

Internal Links: 1086639

Description Jiri Svitak 2015-04-07 12:59:13 UTC 
Created attachment 1011749 [details]
RestTask.bpmn2

Description of problem:
Cannot query REST interface of business central from a REST task that uses default RestWorkItemHandler:
12:07:37,293 WARN  [org.jbpm.process.workitem.rest.RESTWorkItemHandler] (http-/127.0.0.1:8080-4) Unsuccessful response from REST server (status: 401, endpoint: http://localhost:8080/business-central/rest/organizationalunits/, response: <html><head><title>JBoss Web/7.5.7.Final-redhat-1 - JBWEB000064: Error report...

However Username and Password assignments were filled in correctly (bpmsAdmin and bpmsAdmin1!). After further investigation and checking of BZ1086639, it seems that constructor of REST work item handler needs to be changed like this:
new org.jbpm.process.workitem.rest.RESTWorkItemHandler("arbitrary","arbitrary")
This is necessary in order to set basic auth type. There is no other way to set auth type.
It does not matter what are the username and password fields, but this approach will enable http basic authentication:
https://github.com/droolsjbpm/jbpm/blob/6.2.x/jbpm-workitems/src/main/java/org/jbpm/process/workitem/rest/RESTWorkItemHandler.java#L128
Also this approach of initializing of a RestWorkItemHandler is problematic. Imagine you have multiple REST tasks in the process that need to log in to multiple REST endpoints using different auth methods.


Version-Release number of selected component (if applicable):
BPM Suite 6.1.0.CR1


Steps to Reproduce:
1. Setup BPM Suite 6.1.0.CR1 on EAP 6.4.0.CR2.
2. Create a project and put there the attached process model definition. (I queried http://localhost:8080/business-central/rest/organizationalunits/ using GET method.)
3. Build&deploy the project. I used PPI strategy in deployment descriptor and other configuration was default.
4. Go to Process Definitions screen and start RestTask process.
5. Check server.log. There will be 401 error.

Actual results:
Setting of Username and Password fields of a REST task is not enough by default to access business central REST API (it uses BASIC auth) and results in response 401 (Unauthorized).

Expected results:
1.) Http authentication type can be set in REST task assignments. 
2.) Http authentication type can be set in RestWorkItemHandler constructor. But this approach has drawbacks. Imagine multiple REST tasks and multiple remote REST endpoints with different credentials and auth methods. One RestWorkItemHandler with one configuration cannot handle that.

I think that approach 1.) is a better one.

Additional info:
EAP 6.4.0.CR2
Comment 1 Kris Verlaenen 2015-04-07 14:00:30 UTC 
It should already be possible to override the username/password assignments in the task itself:
https://github.com/droolsjbpm/jbpm/blob/6.2.x/jbpm-workitems/src/main/java/org/jbpm/process/workitem/rest/RESTWorkItemHandler.java#L281
Comment 2 Maciej Swiderski 2015-04-14 17:53:05 UTC 
you can now specify AuthenticationType as work item parameter with following:
parameter name: AuthType
parameter value: BASIC | FORM | NONE

jbpm
master:
https://github.com/droolsjbpm/jbpm/commit/7e0b6988b40633a01ff14ee43819dba9de8d16de
Comment 5 Ivo Bek 2015-09-25 10:22:05 UTC 
Verification Failed in BPM Suite 6.2.0.ER3

Url:
http://localhost:8080/business-central/rest/organizationalunits
AuthType:
BASIC

12:19:46,734 ERROR [org.guvnor.common.services.backend.exceptions.ExceptionUtilities] (http-/127.0.0.1:8080-5) Exception thrown: [bz1.process3:7 - REST:2] -- java.lang.IllegalArgumentException: Host name may not be null: org.jbpm.workflow.instance.WorkflowRuntimeException: [bz1.process3:7 - REST:2] -- java.lang.IllegalArgumentException: Host name may not be null
	at org.jbpm.workflow.instance.node.WorkItemNodeInstance.internalTrigger(WorkItemNodeInstance.java:149) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.workflow.instance.impl.NodeInstanceImpl.trigger(NodeInstanceImpl.java:173) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.workflow.instance.impl.NodeInstanceImpl.triggerNodeInstance(NodeInstanceImpl.java:366) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.workflow.instance.impl.NodeInstanceImpl.triggerCompleted(NodeInstanceImpl.java:325) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.workflow.instance.node.StartNodeInstance.triggerCompleted(StartNodeInstance.java:73) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.workflow.instance.node.StartNodeInstance.internalTrigger(StartNodeInstance.java:44) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.workflow.instance.impl.NodeInstanceImpl.trigger(NodeInstanceImpl.java:173) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.ruleflow.instance.RuleFlowProcessInstance.internalStart(RuleFlowProcessInstance.java:35) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.process.instance.impl.ProcessInstanceImpl.start(ProcessInstanceImpl.java:236) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.workflow.instance.impl.WorkflowProcessInstanceImpl.start(WorkflowProcessInstanceImpl.java:439) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.process.instance.ProcessRuntimeImpl.startProcessInstance(ProcessRuntimeImpl.java:208) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.process.instance.ProcessRuntimeImpl.startProcessInstance(ProcessRuntimeImpl.java:217) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.process.instance.ProcessRuntimeImpl.startProcess(ProcessRuntimeImpl.java:225) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.core.impl.StatefulKnowledgeSessionImpl.startProcess(StatefulKnowledgeSessionImpl.java:1812) [drools-core-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.core.command.runtime.process.StartCorrelatedProcessCommand.execute(StartCorrelatedProcessCommand.java:146) [drools-core-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.core.command.runtime.process.StartCorrelatedProcessCommand.execute(StartCorrelatedProcessCommand.java:44) [drools-core-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.core.command.impl.DefaultCommandService.execute(DefaultCommandService.java:36) [drools-core-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.persistence.SingleSessionCommandService$TransactionInterceptor.execute(SingleSessionCommandService.java:584) [drools-persistence-jpa-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.persistence.jpa.OptimisticLockRetryInterceptor.execute(OptimisticLockRetryInterceptor.java:82) [drools-persistence-jpa-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.persistence.jta.TransactionLockInterceptor.execute(TransactionLockInterceptor.java:73) [drools-persistence-jpa-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.persistence.SingleSessionCommandService.execute(SingleSessionCommandService.java:377) [drools-persistence-jpa-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.core.command.impl.CommandBasedStatefulKnowledgeSession.startProcess(CommandBasedStatefulKnowledgeSession.java:529) [drools-core-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.kie.services.impl.ProcessServiceImpl.startProcess(ProcessServiceImpl.java:126) [jbpm-kie-services-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.services.cdi.impl.ProcessServiceCDIImpl$Proxy$_$$_WeldClientProxy.startProcess(ProcessServiceCDIImpl$Proxy$_$$_WeldClientProxy.java) [jbpm-services-cdi-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.console.ng.bd.backend.server.KieSessionEntryPointImpl.startProcess(KieSessionEntryPointImpl.java:78) [jbpm-console-ng-business-domain-backend-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.console.ng.bd.backend.server.KieSessionEntryPointImpl$Proxy$_$$_WeldClientProxy.startProcess(KieSessionEntryPointImpl$Proxy$_$$_WeldClientProxy.java) [jbpm-console-ng-business-domain-backend-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_60]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_60]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_60]
	at java.lang.reflect.Method.invoke(Method.java:497) [rt.jar:1.8.0_60]
	at org.jboss.errai.bus.server.io.AbstractRPCMethodCallback.invokeMethodFromMessage(AbstractRPCMethodCallback.java:48) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at org.jboss.errai.bus.server.io.ValueReplyRPCEndpointCallback.callback(ValueReplyRPCEndpointCallback.java:22) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at org.jboss.errai.bus.server.io.RemoteServiceCallback.callback(RemoteServiceCallback.java:54) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at org.jboss.errai.cdi.server.CDIExtensionPoints$2.callback(CDIExtensionPoints.java:396) [errai-weld-integration-3.0.6.Final-redhat-1.jar:3.0.6.Final-redhat-1]
	at org.jboss.errai.bus.server.DeliveryPlan.deliver(DeliveryPlan.java:47) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at org.jboss.errai.bus.server.ServerMessageBusImpl.sendGlobal(ServerMessageBusImpl.java:296) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at org.jboss.errai.bus.server.SimpleDispatcher.dispatchGlobal(SimpleDispatcher.java:46) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:97) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:114) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at org.jboss.errai.bus.server.servlet.DefaultBlockingServlet.doPost(DefaultBlockingServlet.java:142) [errai-bus-3.2.0.Final-redhat-1.jar:3.2.0.Final-redhat-1]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.uberfire.ext.security.server.SecureHeadersFilter.doFilter(SecureHeadersFilter.java:53) [uberfire-servlet-security-0.7.2.Final-redhat-1.jar:0.7.2.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.uberfire.ext.security.server.SecurityIntegrationFilter.doFilter(SecurityIntegrationFilter.java:45) [uberfire-servlet-security-0.7.2.Final-redhat-1.jar:0.7.2.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:512) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.5.3.Final-redhat-2.jar:7.5.3.Final-redhat-2]
	at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.5.3.Final-redhat-2.jar:7.5.3.Final-redhat-2]
	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.3.Final-redhat-2.jar:7.5.3.Final-redhat-2]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:419) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.10.Final-redhat-1.jar:7.5.10.Final-redhat-1]
	at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_60]
Caused by: org.jbpm.bpmn2.handler.WorkItemHandlerRuntimeException: java.lang.IllegalArgumentException: Host name may not be null
	at org.jbpm.process.workitem.AbstractLogOrThrowWorkItemHandler.handleException(AbstractLogOrThrowWorkItemHandler.java:55) [jbpm-workitems-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.process.workitem.AbstractLogOrThrowWorkItemHandler.handleException(AbstractLogOrThrowWorkItemHandler.java:38) [jbpm-workitems-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.process.workitem.rest.RESTWorkItemHandler.executeWorkItem(RESTWorkItemHandler.java:267) [jbpm-workitems-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.drools.persistence.jpa.processinstance.JPAWorkItemManager.internalExecuteWorkItem(JPAWorkItemManager.java:69) [drools-persistence-jpa-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.workflow.instance.node.WorkItemNodeInstance.internalTrigger(WorkItemNodeInstance.java:138) [jbpm-flow-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	... 67 more
Caused by: java.lang.IllegalArgumentException: Host name may not be null
	at org.apache.http.util.Args.notBlank(Args.java:65) [httpcore-4.3.3.redhat-1.jar:4.3.3.redhat-1]
	at org.apache.http.HttpHost.<init>(HttpHost.java:81) [httpcore-4.3.3.redhat-1.jar:4.3.3.redhat-1]
	at org.jbpm.process.workitem.rest.RESTWorkItemHandler.doRequestWithAuthorization(RESTWorkItemHandler.java:425) [jbpm-workitems-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.process.workitem.rest.RESTWorkItemHandler.doRequestWithAuthorization(RESTWorkItemHandler.java:378) [jbpm-workitems-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	at org.jbpm.process.workitem.rest.RESTWorkItemHandler.executeWorkItem(RESTWorkItemHandler.java:236) [jbpm-workitems-6.3.0.Final-redhat-1.jar:6.3.0.Final-redhat-1]
	... 69 more
Comment 6 Maciej Swiderski 2015-09-29 12:12:21 UTC 
Created attachment 1078308 [details]
Process with rest task that works properly

attached is a process that I used to reproduce the issue although it does work properly

Ivo, do you mind giving it a try or upload one that fails for you?
Comment 7 Ivo Bek 2015-09-29 12:40:49 UTC 
Maciej, I retested it with your process model and it really works fine. My model was broken by designer for some reason. After I changed url, username and password in the xml editor, my process started working too. If I find the cause, I will file a BZ to fix the designer.

Verified in BPM Suite 6.2.0.ER3
Note You need to log in before you can comment on or make changes to this bug.