rest api access denied

1
0
-1

Hi,

i am using bonitasoft community 5.10.2 and i have deployed bonita-rest and configured the jaas-standard , but when i test it i get error 403 : access denied,

the log :

oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Security checking request GET /bonita-server-rest/API/identityAPI/getAllUsers oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase findSecurityConstraints Précis: Checking constraint 'SecurityConstraint[BonitaSecuredMethods]' against GET /API/identityAPI/getAllUsers --> true oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase findSecurityConstraints Précis: Checking constraint 'SecurityConstraint[BonitaUncheckedMethods]' against GET /API/identityAPI/getAllUsers --> false oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase findSecurityConstraints Précis: Checking constraint 'SecurityConstraint[BonitaSecuredMethods]' against GET /API/identityAPI/getAllUsers --> true oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase findSecurityConstraints Précis: Checking constraint 'SecurityConstraint[BonitaUncheckedMethods]' against GET /API/identityAPI/getAllUsers --> false oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Calling hasUserDataPermission() oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase hasUserDataPermission Précis: User data constraint has no restrictions oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Calling authenticate() oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm authenticate Précis: JAASRealm login requested for username "myusername" using LoginContext for application "BonitaRESTServer" oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm authenticate Précis: Login context created myusername oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm authenticate Précis: JAAS LoginContext created for username "myusername" oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm createPrincipal Précis: Checking Principal "org.ow2.bonita.identity.auth.BonitaPrincipal@7a7c93" [org.ow2.bonita.identity.auth.BonitaPrincipal] oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm createPrincipal Précis: Principal "myusername" is a valid user class. We will use this as the user Principal. oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm createPrincipal Précis: Checking Principal "org.ow2.bonita.identity.auth.BonitaPrincipalRole@188a686" [org.ow2.bonita.identity.auth.BonitaPrincipalRole] oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm createPrincipal Précis: Adding role Principal "Admin" to this user Principal's roles oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.JAASRealm authenticate Précis: le nom d'utilisateur myusername a été authentifié avec succès oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase register Précis: Authenticated 'myusername' with type 'BASIC' oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Calling accessControl() oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase hasResourcePermission Précis: Checking roles GenericPrincipal[myusername(Admin,)] oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase hasRole Précis: Le nom d'utilisateur myusername N'A PAS de rôle restuser oct. 20, 2014 12:28:28 PM org.apache.catalina.realm.RealmBase hasResourcePermission Précis: No role found: restuser oct. 20, 2014 12:28:28 PM org.apache.catalina.authenticator.AuthenticatorBase invoke Précis: Failed accessControl() test

any idea ?

thank you,

No answers yet.
Notifications