Hi all,

I running into a strange issue when trying to call a webMethods service SPECIFICALLY from a Grails web application. Using a RESTful service testing tool like Postman, the service runs fine.

I’m calling the webMethods service at server:port/invoke/package.folder/service. To access it, I need HTTP basic authentication which I provide in an ‘Authorization’ header. WITHOUT said Authorization, I get an Access Denied error no matter how I attempt to invoke the webMethods service (either Grails or Postman). The user in my Authorization block has access to the ACL that maintains permissions for the webMethods service, and when I employ that user in my Authorization header for Postman, I am successful.

In Grails, I use the following code to call my service:

def webmethods = new RESTClient('http://server:port', ContentType.JSON)
webmethods.auth.basic('safe_user','safe_user_pass')
def response = webmethods.post(path: '/invoke/package.folder/service', body: [json: map]) {
headers.'Authorization' = 'Basic ' + "safe_user:safe_user_pass".bytes.encodeBase64()
}

The second header for Authorization is included for extra safety with large “body” values.

When I check the webMethods admin console after executing the code above, I see that the service in question started in the Server logs, but ran for 0 seconds. I also see the following exception in the Error logs (photo attached on the topic; all errors in the photo have the same exception):

java.lang.NullPointerException: null
at com.wm.app.b2b.server.HTTPState.getBasicAuthenticatedUser(HTTPState.java:845)
at com.wm.app.b2b.server.HTTPState.getAuthenticatedUser(HTTPState.java:812)
at com.wm.app.b2b.server.HTTPState.processHeader(HTTPState.java:253)
at com.wm.app.b2b.server.Dispatch.processHeader(Dispatch.java:268)
at com.wm.app.b2b.server.Dispatch.run(Dispatch.java:365)
at com.wm.util.pool.PooledThread.run(PooledThread.java:119)
at java.lang.Thread.run(Thread.java:724)

I can’t find any documentation for HTTPState in the 9.5 documentation (which is what my server is running). My question is this: is there any reason why the “getBasicAuthenticatedUser” service would “lose” an Authorization header midway through a POST operation? Has anyone had any experience with calling webMethods directly from web applications using basic authentication? Is there any way to dig further into the HTTPState process to find out what NULL might be appearing?

Any thoughts or answers would be greatly appreciated.

Thanks.

https://higherlogicdownload.s3.amazonaws.com/IMWUC/webMethods/Files3/32febc2ac20f0decfe613ee94d0f9473d5283274_2_1035x205.png 1.5x, https://higherlogicdownload.s3.amazonaws.com/IMWUC/webMethods/Files3/32febc2ac20f0decfe613ee94d0f9473d5283274_2_1380x274.png 2x" data-dominant-color="E7E6D3">

Screen Shot 2015-02-24 at 3.25.12 PM.png2614×520 132 KB

Hi,

Why don’t you use a rest service for calling the flow service?
We provide rest services over the integration server to an webapp without any Problems.

In extended settings in the IS we set the following for our rest-services:
watt.server.RESTDirective=rest
Under security->ports we’ve added a new http Port for the package with rest-services.

We’ve call the rest services as follow:
http://:/rest//
and provide username and password as usual.

Regards

Michael