Hyland Connect

zorro1212 · ‎10-09-2015

Hello,
I am trying to use the rest api to login to the explorer webapp. I using the webapp through an iframe, so I am limited in my options to integrate the webapp since the host site is written in ruby. I have tried this url http://localhost:8080/activiti-rest/service/login, which clearly does not work, and returns a 401 code. I followed the user guide and included the content type and accept as application/json. From the user guide I have not seen anything that talks about this or on the forums, where most questions are directed towards starting a process from rest. Is there a way to do this using rest? I would like to limit the amount of custom code in activiti and keep it more on the ruby side. Another method that I have tried is to use a ruby gem that fills forms, however because of the VAADIN script I have been unable to post anything to the form and have it submit. For this, I used the mechanize gem on the url's http://localhost:8080/activiti-webapp-explorer2-5.18.0/ui/APP/2/login, http://localhost:8080/activiti-webapp-explorer2-5.18.0/ui/1/loginHandler, and neither of them worked. Any help would be greatly appreciated.

PS: Curl requests to the endpoints mentioned in different forums topics do work, and I can login manually. Furthermore, the rest and explorer both point to the same database.I dont think this is a CORS problem since I have also added this to the tomcat web.xml :
<blockcode>
CorsFilter
org.apache.catalina.filters.CorsFilter
cors.allowed.origins
*
cors.allowed.methods
GET,POST,HEAD,OPTIONS,PUT
cors.allowed.headers
Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cors.exposed.headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
cors.support.credentials
true
cors.preflight.maxage
10
CorsFilter
/*
</blockcode>

maudrid · ‎10-14-2015

If you want to login to the explorer app, have a look at the request that the browser sends, you need to mimic it:

<javascript>
"request": {
"method": "POST",
"url": "http://localhost:8080/activiti-explorer/ui/1/loginHandler",
"httpVersion": "HTTP/1.1",
"headers": [
{
   "name": "Cookie",
   "value": "redacted"
},
{
   "name": "Origin",
   "value": "http://localhost:8080"
},
{
   "name": "Accept-Encoding",
   "value": "gzip, deflate"
},
{
   "name": "Host",
   "value": "localhost:8080"
},
{
   "name": "Accept-Language",
   "value": "en-US,en;q=0.8,af;q=0.6"
},
{
   "name": "Upgrade-Insecure-Requests",
   "value": "1"
},
{
   "name": "User-Agent",
   "value": "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"
},
{
   "name": "Content-Type",
   "value": "application/x-www-form-urlencoded"
},
{
   "name": "Accept",
   "value": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
},
{
   "name": "Cache-Control",
   "value": "max-age=0"
},
{
   "name": "Referer",
   "value": "http://localhost:8080/activiti-explorer/ui/APP/2/login"
},
{
   "name": "Connection",
   "value": "keep-alive"
},
{
   "name": "Content-Length",
   "value": "31"
},
{
   "name": "DNT",
   "value": "1"
}
],
"queryString": [],
"cookies": [
{
   redacted
}
],
"headersSize": 893,
"bodySize": 31,
"postData": {
"mimeType": "application/x-www-form-urlencoded",
"text": "username=kermit&password=kermit",
"params": [
   {
"name": "username",
"value": "kermit"
   },
   {
"name": "password",
"value": "kermit"
   }
]
}
}
</javascript>

This is the response I get back after a successful login:
<javascript>
"response": {
"status": 200,
"statusText": "OK",
"httpVersion": "HTTP/1.1",
"headers": [
{
   "name": "Pragma",
   "value": "no-cache"
},
{
   "name": "Date",
   "value": "Wed, 14 Oct 2015 12:06:53 GMT"
},
{
   "name": "Server",
   "value": "Apache-Coyote/1.1"
},
{
   "name": "Transfer-Encoding",
   "value": "chunked"
},
{
   "name": "Content-Type",
   "value": "text/html"
},
{
   "name": "Cache-Control",
   "value": "no-cache"
},
{
   "name": "Content-Disposition",
   "value": "filename=\"loginSuccesfull\""
},
{
   "name": "Expires",
   "value": "Thu, 01 Jan 1970 00:00:00 GMT"
}
],
"cookies": [],
"content": {
"size": 119,
"mimeType": "text/html",
"compression": -11
},
"redirectURL": "",
"headersSize": 268,
"bodySize": 130,
"_transferSize": 398
}
</javascript>

zorro1212 · ‎10-14-2015

So, after you send your request explorer handles that and logs the user into the UI? I have modified the authentication method in default login handler to parse http requests and log the user in. However, after getting the user name and password successfully, I am unable to successfully log into the UI this way. There are several comments in the source code that say that the authenticate method will allow for automated login. I suppose the activiti explorer side versus the actual request side is more of the area of an answer I am looking for.

maudrid · ‎10-15-2015

If it were me trying this (I'm no Java developer) I would try the following:
In the Iframe, set up an ajax POST call to http://localhost:8080/activiti-explorer/ui/1/loginHandler with the required headers and post data.
If the call is successful you should be logged in, then you can navigate to the page you want to show.

I quickly tried to call this url in Postman, but the server is responding with "authErrMsg": {"caption":"Authentication problem","message" : "Take note of any unsaved data, and <u>click here<\/u> to continue.","url" : null};
So I may be wrong and this way may not work. But I don't have additional time to spend on trying this method.

Hyland Connect

Login to Explorer webapp through rest or automated form filler