I am running BonitaBPM community version 6.2.3 on OSX Mountain Lion. I am starting the application and then using the Advanced Rest Client Chrome app to test the REST api. I am having an issue with the loginservice call when setting the redirect=false parameter. If I leave out redirect=false or put in redirect=true the call works (with a 302 response of course).

Since I am trying to use JavaScript with AJAX to call the rest API the 302 response is undesired due to the issues retrieving the cookie from the response headers so I would like to use the redirect=false parameter.

Here is the call that does not work:

Post to http://localhost:8080/bonita/loginservice

Content-Type: application/x-www-form-urlencoded payload "username=walter.bates&password=bpm&redirect=false"

Response: 500 Internal Server Error

Apache Tomcat/6.0.37 - Error report

HTTP Status 500 -

type Exception report

message

description The server encountered an internal error that prevented it from fulfilling this request.

exception

java.lang.NullPointerException
	org.bonitasoft.console.common.server.login.servlet.URLProtector.protectRedirectUrl(URLProtector.java:33)
	org.bonitasoft.console.common.server.login.servlet.LoginServlet.doPost(LoginServlet.java:89)
	org.bonitasoft.console.common.server.login.servlet.LoginServlet.doGet(LoginServlet.java:70)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:723)

note The full stack trace of the root cause is available in the Apache Tomcat/6.0.37 logs.

Apache Tomcat/6.0.37

bonita.2014-03-10.log file: Mar 10, 2014 2:09:27 PM org.bonitasoft.console.server.listener.StudioWatchdogListener$1 run WARNING: Bonita Studio watchdog process has started on 6969 with a delay of 20000ms Mar 10, 2014 2:09:39 PM org.apache.catalina.core.StandardWrapperValve invoke SEVERE: Servlet.service() for servlet loginService threw exception java.lang.NullPointerException at org.bonitasoft.console.common.server.login.servlet.URLProtector.protectRedirectUrl(URLProtector.java:33) at org.bonitasoft.console.common.server.login.servlet.LoginServlet.doPost(LoginServlet.java:89) at javax.servlet.http.HttpServlet.service(HttpServlet.java:643) at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.bonitasoft.console.security.SessionFixationValve.invoke(SessionFixationValve.java:77) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:695) Any advise would be appreciated.

Hi,

this is an issue with our code. A workaround is to add redirectUrl= at the end of your url.

http://localhost:8080/bonita/loginservice?username=walter.bates&password=bpm&redirect=false&redirectUrl=

Let me know if it works for you.

Vincent

That did it, thanks!

Hi,

this issue exists only in 6.2.3 and 6.2.4.

so if you're in 6.2.2,6.2.1,.. you must use: http://localhost:8080/bonita/loginservice?username=walter.bates&password=bpm&redirect=false

if you're using 6.2.3 or 6.2.4 you will use: http://localhost:8080/bonita/loginservice?username=walter.bates&password=bpm&redirect=false&redirectUrl=

Karim

Thanks a lot Vincent, great answer.