AnsweredAssumed Answered

How to authenticate the REST api with groovy HttpBuilder

Question asked by ngandriau on Sep 25, 2013
Hello,
I am really new to Activiti which is used in one of our application.
I'd like to monitor the number of process instances created and not terminated and I thought I will use the REST API for it.
We are using the 5.12 version of activiti.

I have been using a lot the groovy http builder extension to make rest calls http://groovy.codehaus.org/modules/http-builder/home.html
Even to make authenticate call like for the Artifactory http://www.jfrog.com/confluence/display/RTF/Artifactory+REST+API

But right now, I am not able to do it with activiti.

So that's what I have done so far:

- I have deployed the "activiti-rest.war" in my tomcat with our web-app which embed activiti engine.
- I have configured the database (mysql) in <TOMCAT_HOME>webapps/activiti-rest/WEB-INF/classes/db.properties
- I let the demo data creation so I have user like kermit:kermit in my db

- when I start tomcat, the activiti-rest webapp is correclty started.
- if I do the call from bash: "curl –basic –user kermit:kermit http://localhost:8080/activiti-rest/service/process-engine"
– I get the response:
{"name":"default","resourceUrl":"file:/home/ngandriau/Projects/oms/deploiement/tomcats/tomcat-fullstack/webapps/activiti-rest/WEB-INF/classes/activiti-context.xml","exception":null,"version":"5.12"}
– So I think that my setup is correct.

- No with groovy, I do the following. Full code gist: https://gist.github.com/ngandriau/6702830

def activitiRestClient = new RESTClient("http://localhost:8080")
activitiRestClient.auth.basic "kermit", "kermit"

– My rest client should be ready
– but the following call fails:

def response = activitiRestClient.get(
                path: "/activiti-rest/service/process-engine",
                contentType: ContentType.JSON,
                requestContentType: ContentType.JSON)


– with the following trace:

>> "GET /activiti-rest/service/process-engine HTTP/1.1[\r][\n]"
>> "Accept: application/json, application/javascript, text/javascript[\r][\n]"
>> "Host: localhost:8080[\r][\n]"
>> "Connection: Keep-Alive[\r][\n]"
>> "Accept-Encoding: gzip,deflate[\r][\n]"
>> "[\r][\n]"

<< "HTTP/1.1 403 Forbidden[\r][\n]"
<< "Date: Wed, 25 Sep 2013 17:14:44 GMT[\r][\n]"
<< "Accept-Ranges: bytes[\r][\n]"
<< "Server: Restlet-Framework/2.0.15[\r][\n]"
<< "Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept[\r][\n]"
<< "WWW-Authenticate: Basic realm="Activiti Realm"[\r][\n]"
<< "Content-Type: text/html;charset=UTF-8[\r][\n]"
<< "Content-Length: 407[\r][\n]"
<< "[\r][\n]"
<< "<html>[\n]"
<< "<head>[\n]"
<< "   <title>Status page</title>[\n]"
<< "</head>[\n]"
<< "<body style="font-family: sans-serif;">[\n]"
<< "<p style="font-size: 1.2em;font-weight: bold;margin: 1em 0px;">Forbidden</p>[\n]"
<< "<p>Authentication is required</p>[\n]"
<< "<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4">here</a>.<br>[\n]"
<< "Please continue your visit at our <a href="/">home page</a>.[\n]"
<< "</p>[\n]"
<< "</body>[\n]"
<< "</html>[\n]"


- As a last test, I tried a call which does not require authentication "/login" and this one works.

      def response1 = activitiRestClient.post(
                path: "/activiti-rest/service/login",
                body: """{
  "userId": "kermit",
  "password": "kermit"
}
""",
                contentType: ContentType.JSON,
                requestContentType: ContentType.JSON)
       println response1.data

– which gives the result:

>> "POST /activiti-rest/service/login HTTP/1.1[\r][\n]"
>> "Accept: application/json, application/javascript, text/javascript[\r][\n]"
>> "Content-Length: 49[\r][\n]"
>> "Content-Type: application/json[\r][\n]"
>> "Host: localhost:8080[\r][\n]"
>> "Connection: Keep-Alive[\r][\n]"
>> "Accept-Encoding: gzip,deflate[\r][\n]"
>> "[\r][\n]"
>> "{[\n]"
>> "  "userId": "kermit",[\n]"
>> "  "password": "kermit"[\n]"
>> "}[\n]"

<< "HTTP/1.1 200 OK[\r][\n]"
<< "Date: Wed, 25 Sep 2013 17:18:09 GMT[\r][\n]"
<< "Accept-Ranges: bytes[\r][\n]"
<< "Server: Restlet-Framework/2.0.15[\r][\n]"
<< "Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept[\r][\n]"
<< "Content-Type: application/json;charset=UTF-8[\r][\n]"
<< "Transfer-Encoding: chunked[\r][\n]"
<< "[\r][\n]"
<< "10[\r][\n]"
<< "{"success":true}"
<< "[\r][\n]"
<< "0[\r][\n]"
<< "[\r][\n]"

[success:true]


I really would like to keep using the groovy httpbuilder, so any help is welcome.

Thanks in advance

Nicolas

Outcomes