Hi all,
I running into a strange issue when trying to call a webMethods service SPECIFICALLY from a Grails web application. Using a RESTful service testing tool like Postman, the service runs fine.
I’m calling the webMethods service at server:port/invoke/package.folder/service. To access it, I need HTTP basic authentication which I provide in an ‘Authorization’ header. WITHOUT said Authorization, I get an Access Denied error no matter how I attempt to invoke the webMethods service (either Grails or Postman). The user in my Authorization block has access to the ACL that maintains permissions for the webMethods service, and when I employ that user in my Authorization header for Postman, I am successful.
In Grails, I use the following code to call my service:
def webmethods = new RESTClient('http://server:port', ContentType.JSON)
webmethods.auth.basic('safe_user','safe_user_pass')
def response = webmethods.post(path: '/invoke/package.folder/service', body: [json: map]) {
headers.'Authorization' = 'Basic ' + "safe_user:safe_user_pass".bytes.encodeBase64()
}
The second header for Authorization is included for extra safety with large “body” values.
When I check the webMethods admin console after executing the code above, I see that the service in question started in the Server logs, but ran for 0 seconds. I also see the following exception in the Error logs (photo attached on the topic; all errors in the photo have the same exception):
java.lang.NullPointerException: null
at com.wm.app.b2b.server.HTTPState.getBasicAuthenticatedUser(HTTPState.java:845)
at com.wm.app.b2b.server.HTTPState.getAuthenticatedUser(HTTPState.java:812)
at com.wm.app.b2b.server.HTTPState.processHeader(HTTPState.java:253)
at com.wm.app.b2b.server.Dispatch.processHeader(Dispatch.java:268)
at com.wm.app.b2b.server.Dispatch.run(Dispatch.java:365)
at com.wm.util.pool.PooledThread.run(PooledThread.java:119)
at java.lang.Thread.run(Thread.java:724)
I can’t find any documentation for HTTPState in the 9.5 documentation (which is what my server is running). My question is this: is there any reason why the “getBasicAuthenticatedUser” service would “lose” an Authorization header midway through a POST operation? Has anyone had any experience with calling webMethods directly from web applications using basic authentication? Is there any way to dig further into the HTTPState process to find out what NULL might be appearing?
Any thoughts or answers would be greatly appreciated.
Thanks.