Create User with REST API returns 500 error

Q&A
1

I am using pure java and an HttpUrlConnection with JDK 1.7. I am using Bonita 6.3 with Postgress. I can add more information if it is needed.

I have basic Java code that logs me in as a user. I get the session id, and with that I can get an existing user from the database with no issues.

With that session id, I am not trying to create my first user. I am not stranger to RESTful web-services and have created many of these along with consumers of those services. I can add my basic code here. This is using the same JSON as in their example, I matched it to the letter. I am very aware of how sensitive JSON parsing can be if something is off, but it does look like good JSON when I print out the JSON string.

private long createBonitaUser(String jSessionIdCookie, UserAccount userAccount) throws Exception { long userId = 0; 
	jsonUser = "{\"userName\":\"john.doe\",\"password\":\"bpm\",\"password_confirm\":\"bpm\",\"firstname\":\"John\",\"lastname\":\"Doe\"}";
	System.out.println("jsonUser=" + jsonUser);
			
	String link =   "http://localhost:8080/bonita/API/identity/user/";

	URL url = new URL(link);
	HttpURLConnection conn = (HttpURLConnection) url.openConnection();
	conn.setRequestMethod("POST");
	conn.setRequestProperty("Accept", "application/json");
	conn.setRequestProperty("Cookie", jSessionIdCookie);
	conn.setDoOutput(true);

	OutputStream os = conn.getOutputStream();
	os.write(jsonUser.getBytes());
	os.flush();
	System.out.println("conn.getResponseCode()=" + conn.getResponseCode());

	if (conn.getResponseCode() != 200)
            {
		throw new RuntimeException("Failed : HTTP error code : " + conn.getResponseCode());
	}

	BufferedReader br = new BufferedReader(new InputStreamReader((conn.getInputStream())));

	String output = br.readLine();
	System.out.println("Output from Server: output=" + output);

	return userId;
}

The error I get is as follows:

2014-12-22 15:20:54 org.bonitasoft.web.toolkit.server.servlet.ToolkitHttpServlet SEVERE: null java.lang.NullPointerException at org.bonitasoft.web.toolkit.client.common.json.JSonItemReader.parseItem(JSonItemReader.java:212) at org.bonitasoft.web.toolkit.client.common.json.JSonItemReader.parseItem(JSonItemReader.java:198) at org.bonitasoft.web.toolkit.client.common.json.JSonItemReader.parseItem(JSonItemReader.java:188) at org.bonitasoft.web.toolkit.client.common.json.JSonItemReader.parseItem(JSonItemReader.java:168) at org.bonitasoft.web.rest.server.framework.APIServletCall.getJSonStreamAsItem(APIServletCall.java:99) at org.bonitasoft.web.rest.server.framework.APIServletCall.doPost(APIServletCall.java:187) at org.bonitasoft.web.toolkit.server.servlet.ToolkitHttpServlet.doPost(ToolkitHttpServlet.java:188) at javax.servlet.http.HttpServlet.service(HttpServlet.java:643) at org.bonitasoft.web.toolkit.server.servlet.ToolkitHttpServlet.service(ToolkitHttpServlet.java:75) at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) at org.bonitasoft.web.toolkit.server.servlet.ToolkitHttpServlet.service(ToolkitHttpServlet.java:226) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.bonitasoft.console.common.server.login.filter.AbstractAuthorizationFilter.doFilter(AbstractAuthorizationFilter.java:60) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.bonitasoft.console.common.server.login.filter.AbstractAuthorizationFilter.doFilter(AbstractAuthorizationFilter.java:60) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.bonitasoft.console.common.server.sso.filter.AuthenticationFilter.checkExistingSessionOrFiltering(AuthenticationFilter.java:262) at org.bonitasoft.console.common.server.sso.filter.AuthenticationFilter.checkExistingSessionOrFilteringAndManageException(AuthenticationFilter.java:144) at org.bonitasoft.console.common.server.sso.filter.AuthenticationFilter.doFilter(AuthenticationFilter.java:120) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.bonitasoft.console.security.SessionFixationValve.invoke(SessionFixationValve.java:77) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:745)

I wish the error message was better to tell me exactly what is missing or what could not be found. In my own code, the Jackson2 JSON mapper is very good at writing out what the error might be.

Any help in this matter would be extremely helpful. Thanks!

2

Hi tholmes_1,

I think you are missing a parameter: “enabled”:“true”.
Please find below the payload you should send:

URL
http://localhost:8080/bonita/API/identity/user

METHOD:
POST

PAYLOAD: {“enabled”:“true”,“userName”:“john.doe”,“password”:“bpm”,“password_confirm”:“bpm”,“firstname”:“John”,“lastname”:“Doe”}

UPDATED:
In addition make sure that your request Content-Type is application/json.

For more information about REST API: http://documentation.bonitasoft.com/product-bos-sp/web-rest-api-0

Cheers,
Fabio

3

Nope! This did not solve the issue!

Per the documentation for 6.3, the example provided at:
http://documentation.bonitasoft.com/web-rest-api-examples-0#create_user
The payload did not need the parameter: “enabled”:“true”.
{“userName”:“john.doe”,“password”:“bpm”,“password_confirm”:“bpm”,“firstname”:“John”,“lastname”:“Doe”}

So, to test, I took the EXACT payload you sent, and tried it out, and I still get the error.
Specifically, I was looking at the exact spelling of “userName” and “firstname” and “lastname” just to make sure that was not the issue. I took the exact string of the JSON payload to make sure it matched up character by character.

4

I reproduced the error with a rest client plugin in my browser. Basically, the error is not on the payload content but on the request content-type. Make sure that the request header “content-type=application/json”.

In your code i see that you specified the setRequestProperty(“Accept”) but not “Content-Type”.

Does it work like this?

5

Yes! That did it for the POST! :slight_smile:

So, the POST looks like:

HttpURLConnection conn = (HttpURLConnection) url.openConnection(); conn.setRequestMethod("POST"); conn.setRequestProperty("Accept", "application/json"); conn.setRequestProperty("Content-Type", "application/json"); conn.setRequestProperty("Cookie", jSessionIdCookie); conn.setDoOutput(true);

OutputStream os = conn.getOutputStream();
os.write(jsonUser.getBytes()); // jsonUser is the JSON string payload as listed previously
os.flush();
System.out.println(“conn.getResponseCode()=” + conn.getResponseCode());

Thanks for the help!!!
Now can you point me to the code example that assigns a user to a role? Thanks again!

6

Yes, the solution is to use the membership resource: http://documentation.bonitasoft.com/identity-api#membership . Basically, you will have to create a a group, for example “RD”, a role, for example “Member” and create a membership ( role + group ) for your user, for example “Member of RD”.
Sounds good?

7

I didn’t want to have to create a group. I just want to assign a user to a role like I can in the UI. I’d like the payload to just be: {“user_id”:“101”,“role_id”:“1”}
That’s it, that’s all I want to do.

8

Can you please tell me the version of bonita bpm you’re using? are you sure you can do this in the UI? if yes, where?

9

We are using 6.3.8. I was wrong! You do need a group in order to add a role.
We have a default group we are using. So, I search for it by name to get the correct group id, and when I have the correct payload of user_id, group_id, and role_id, then it works.

I think I am all set! Thanks very much and Happy Holidays!

10

You’re welcome, happy holidays to you as well.