cancel
Showing results for 
Search instead for 
Did you mean: 

ADF process diagram component - 401 Unauthorized error

markknaus
Champ in-the-making
Champ in-the-making

We have implemented the adf-diagram component in our ADF v4.3 app. When trying to display the diagram for a running process instance we are getting a 401 - Unauthorized error. The logged in user is then immediately logged out. This is only occurring when accessing a process instance on a remote APS server, in this case an aws ec2 instance. The issue does not occur when the app is pointed to a local APS instance. We are also able to reproduce the issue with the demo-shell app when pointed to the same remote server. Here's the error reported:

GET https://myhostport/activiti-app/app/rest/process-instances/587515/model-json 401

Error: HTTP Status 401 – Unauthorized</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> Access Denied</p><p><b>Description</b> The request has not been applied because it lacks valid authentication credentials for the target resource.</p><hr class="line" /><h3>Apache Tomcat/8.5.28</h3></body></html>
at v.<anonymous> (main-es2015.1c396ef7d23a5ac1eeec.js:1)
at v.n.emit (main-es2015.1c396ef7d23a5ac1eeec.js:1)
at XMLHttpRequest.t.onreadystatechange [as __zone_symbol__ON_PROPERTYreadystatechange] (main-es2015.1c396ef7d23a5ac1eeec.js:1)
at XMLHttpRequest.T (polyfills-es2015.752b36de6112257c6215.js:1)
at l.invokeTask (polyfills-es2015.752b36de6112257c6215.js:1)
at Object.onInvokeTask (main-es2015.1c396ef7d23a5ac1eeec.js:1)
at l.invokeTask (polyfills-es2015.752b36de6112257c6215.js:1)
at i.runTask (polyfills-es2015.752b36de6112257c6215.js:1)
at u.invokeTask [as invoke] (polyfills-es2015.752b36de6112257c6215.js:1)
at p (polyfills-es2015.752b36de6112257c6215.js:1)

3 REPLIES 3

eugenio_romano
Elite Collaborator
Elite Collaborator

Hi, to be honest, because it works in a scenario but not another it suggests is probably something related to the second's configuration.

What kind of authentication are you using?

mauriziovitale
Confirmed Champ
Confirmed Champ

Most probably you have a CORS error in the console.

Thank you both for your replies. It does seem that it may have to do with type of authentication. I've tested the adf-diagram component against 2 environments that use basic auth and they both failed. I tested it against another environment that uses OAUTH running in a docker compose and it succeeded.

While the issue is occurring in the adf-diagram component the real problem is the api call that it makes- /app/rest/process-instances/{processInstanceId}/model-json located in the js-api method ModelJsonBpmnApi::getModelJSONForProcessDefinition(). The error can be reproduced in Postman.  Is there some configuration in APS that needs to be done to enable calls to /activiti-app/app/rest/... API's?