AnsweredAssumed Answered

Login to Explorer webapp through rest or automated form filler

Question asked by zorro1212 on Oct 8, 2015
Latest reply on Oct 20, 2015 by zorro1212
Hello,
I am trying to use the rest api to login to the explorer webapp. I using the webapp through an iframe, so I am limited in my options to integrate the webapp since the host site is written in ruby. I have tried this url http://localhost:8080/activiti-rest/service/login, which clearly does not work, and returns a 401 code. I followed the user guide and included the content type and accept as application/json. From the user guide I have not seen anything that talks about this or on the forums, where most questions are directed towards starting a process from rest. Is there a way to do this using rest? I would like to limit the amount of custom code in activiti and keep it more on the ruby side. Another method that I have tried is to use a ruby gem that fills forms, however because of the VAADIN script I have been unable to post anything to the form and have it submit. For this, I used the mechanize gem on the url's http://localhost:8080/activiti-webapp-explorer2-5.18.0/activiti-webapp-explorer2-5.18.0/ui/APP/2/login, http://localhost:8080/activiti-webapp-explorer2-5.18.0/ui/1/loginHandler, and neither of them worked. Any help would be greatly appreciated.

PS: Curl requests to the endpoints mentioned in different forums topics do work, and I can login manually. Furthermore, the rest and explorer both point to the same database.I dont think this is a CORS problem since I have also added this to the tomcat web.xml :
<filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>*</param-value>
    </init-param>
    <init-param>
        <param-name>cors.allowed.methods</param-name>
        <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
    </init-param>
    <init-param>
        <param-name>cors.allowed.headers</param-name>
        <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
    </init-param>
    <init-param>
        <param-name>cors.exposed.headers</param-name>
        <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
    </init-param>
    <init-param>
        <param-name>cors.support.credentials</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>cors.preflight.maxage</param-name>
        <param-value>10</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CorsFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Outcomes