Uploaded image for project: 'jBPM'
  1. jBPM
  2. JBPM-7126

[Security management] Workbench not connecting to kie-server in a Keycloack setup

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Blocker
    • Resolution: Cannot Reproduce
    • Affects Version/s: None
    • Fix Version/s: 7.8.0.Final
    • Component/s: KieServer
    • Labels:
      None
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      See video showing the issue rhsso-kieserver-error.mp4.

      The workbench is not able to connect to the kie-server instance. It throws an error in the log:

      Caused by: org.kie.server.api.exception.KieServicesHttpException: Unexpected HTTP response code when requesting URI 
      'http://localhost:8080/kie-server/services/rest/server/queries/definitions/jbpmProcessInstances/filtered-data?mapper=RawList&page=0&pageSize=10'! 
      Error code: 403, message: <html><head><title>Error</title></head><body>Forbidden</body></html>
      

      I tried both basic and token authentication and both fail.

      The requests sent to kie-server from command-line are working though:

      >curl http://kieserver:kieserver@localhost:8080/kie-server/services/rest/server
       
      <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
      <response type="SUCCESS" msg="Kie Server info">
      ...
      

      That means the request is being successfully authenticated in keycloack.

      This can be reproduced with the lastest RH SSO 7.2 (Keycloack 3.4.3) and the latest workbench version from 7.7.x branch (ER2 build).

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                davidredhat David Gutierrez
                Reporter:
                davidredhat David Gutierrez
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: