rest api access denied
Hi,
i am using bonitasoft community 5.10.2 and i have deployed bonita-rest and configured the jaas-standard , but when i test it i get error 403 : access denied,
the log :
oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Security checking request GET /bonita-server-rest/API/identityAPI/getAllUsers oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase findSecurityConstraints Précis: Checking constraint 'SecurityConstraint[BonitaSecuredMethods]' against GET /API/identityAPI/getAllUsers --> true oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase findSecurityConstraints Précis: Checking constraint 'SecurityConstraint[BonitaUncheckedMethods]' against GET /API/identityAPI/getAllUsers --> false oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase findSecurityConstraints Précis: Checking constraint 'SecurityConstraint[BonitaSecuredMethods]' against GET /API/identityAPI/getAllUsers --> true oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase findSecurityConstraints Précis: Checking constraint 'SecurityConstraint[BonitaUncheckedMethods]' against GET /API/identityAPI/getAllUsers --> false oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Calling hasUserDataPermission() oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase hasUserDataPermission Précis: User data constraint has no restrictions oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Calling authenticate() oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm authenticate Précis: JAASRealm login requested for username "myusername" using LoginContext for application "BonitaRESTServer" oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm authenticate Précis: Login context created myusername oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm authenticate Précis: JAAS LoginContext created for username "myusername" oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm createPrincipal Précis: Checking Principal "org.ow2.bonita.identity.auth.BonitaPrincipal@7a7c93" [org.ow2.bonita.identity.auth.BonitaPrincipal] oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm createPrincipal Précis: Principal "myusername" is a valid user class. We will use this as the user Principal. oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm createPrincipal Précis: Checking Principal "org.ow2.bonita.identity.auth.BonitaPrincipalRole@188a686" [org.ow2.bonita.identity.auth.BonitaPrincipalRole] oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm createPrincipal Précis: Adding role Principal "Admin" to this user Principal's roles oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm authenticate Précis: le nom d'utilisateur myusername a été authentifié avec succès oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase register Précis: Authenticated 'myusername' with type 'BASIC' oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Calling accessControl() oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase hasResourcePermission Précis: Checking roles GenericPrincipal[myusername(Admin,)] oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase hasRole Précis: Le nom d'utilisateur myusername N'A PAS de rôle restuser oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase hasResourcePermission Précis: No role found: restuser oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Failed accessControl() test
any idea ?
thank you,