Problem OAUTH credencial in Rest service

bsfl79 · February 24, 2021, 1:32pm

Hello good
I am developing a Rest Api, I have created a Flow service, a Rest Resource and I have created a RestDescriptor. This from the Designer works correctly

In the IS I have defined the OAuth2 server as you can see in the following images.

I have a registered client

I have defined a scope

I have also associated the client with the scope

I retrieve the token perfectly with the getToken service since I am using Client Credential Grant
But when I run the rest service http://localhost:5555/apirest/tirtItem/12344
The error occurs when executing outside the Designer. It always gives me the following error.

    "$errorDump": "com.wm.app.b2b.server.AccessException: [ISS.0084.9004] Access Denied\r\n\tat com.wm.app.b2b.server.ACLManager.process(ACLManager.java:269)\r\n\tat com.wm.app.b2b.server.invoke.DispatchProcessor.process(DispatchProcessor.java:41)\r\n\tat com.wm.app.b2b.server.AuditLogManager.process(AuditLogManager.java:401)\r\n\tat com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:611)\r\n\tat com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:423)\r\n\tat com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:381)\r\n\tat com.wm.app.b2b.server.HTTPInvokeHandler._process(HTTPInvokeHandler.java:267)\r\n\tat com.wm.app.b2b.server.RESTHandlerV2.process(RESTHandlerV2.java:146)\r\n\tat com.wm.app.b2b.server.RADHandler.process(RADHandler.java:66)\r\n\tat com.wm.app.b2b.server.HTTPDispatch.handleRequest(HTTPDispatch.java:223)\r\n\tat com.wm.app.b2b.server.Dispatch.run(Dispatch.java:430)\r\n\tat com.wm.util.pool.PooledThread.run(PooledThread.java:134)\r\n\tat java.lang.Thread.run(Thread.java:748)\r\n",
    "$errorInfo": {
        "$errorDump": "com.wm.app.b2b.server.AccessException: [ISS.0084.9004] Access Denied\r\n\tat com.wm.app.b2b.server.ACLManager.process(ACLManager.java:269)\r\n\tat com.wm.app.b2b.server.invoke.DispatchProcessor.process(DispatchProcessor.java:41)\r\n\tat com.wm.app.b2b.server.AuditLogManager.process(AuditLogManager.java:401)\r\n\tat com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:611)\r\n\tat com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:423)\r\n\tat com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:381)\r\n\tat com.wm.app.b2b.server.HTTPInvokeHandler._process(HTTPInvokeHandler.java:267)\r\n\tat com.wm.app.b2b.server.RESTHandlerV2.process(RESTHandlerV2.java:146)\r\n\tat com.wm.app.b2b.server.RADHandler.process(RADHandler.java:66)\r\n\tat com.wm.app.b2b.server.HTTPDispatch.handleRequest(HTTPDispatch.java:223)\r\n\tat com.wm.app.b2b.server.Dispatch.run(Dispatch.java:430)\r\n\tat com.wm.util.pool.PooledThread.run(PooledThread.java:134)\r\n\tat java.lang.Thread.run(Thread.java:748)\r\n",
        "$error": "[ISS.0084.9004] Access Denied",
        "$localizedError": "[ISS.0084.9004] Access Denied",
        "$errorType": "com.wm.app.b2b.server.AccessException",
        "$service": "sicad.flow:getTirtItemByNiin",
        "$user": "713b03ec4d2f4483aa6f5fe7a3b308ea",
        "$time": "Wed Feb 24 13:57:13 CET 2021",
        "$details": null,
        "$errorMsgId": "ISS.0084.9004"
    },
    "$error": "[ISS.0084.9004] Access Denied",
    "$errorType": "com.wm.app.b2b.server.AccessException"
}

Can you tell me what I need to configure?
Thanks.

reamon · February 24, 2021, 3:59pm

Likely need to change the permissions on the service(s) that you want to be callable from the client.

bsfl79 · February 24, 2021, 4:12pm

Hello
Where do you change the permissions of the services?
I am new to this by webMethods

reamon · February 24, 2021, 4:27pm

You’ll want to review the documentation related to permissions, ACLs, groups and users.

Changing the properties of a service is via Designer. The Properties pane has a permissions setting. To select the right ACL to use for a given service, you’ll need to define one or more ACLs in IS Administrator.

Hopefully this is enough info to get you started.

bsfl79 · February 25, 2021, 7:03am

Indeed, I have created an acl and I have added the user generated when creating the OAuth client and then in the Designer I have assigned the ACL that I have created to the package and it works correctly
Thanks

system · February 12, 2024, 9:33pm

This topic was automatically closed after 1083 days. New replies are no longer allowed.

Topic		Replies	Views
OAuth with Rest webMethods , Integration-Server-and-ESB , oauth , flow-service , security	13	3004	July 5, 2023
While testing OAUTH2 Grant Type Authorization Code in postman Error 401Unauthorized webMethods , Service-Designer , Integration-Server-and-ESB , API-Management , API-Gateway , Developer-Portal , webMethods-cloud	3	672	February 10, 2024
Implementing OAuth using webMethods Integration Server Knowledge base webMethods , Integration-Server-and-ESB , Flow-and-Java-services	29	10652	April 28, 2024
Cannot perform operation without read ACL priveleges on pub.client.http webMethods , API-Management , SOA	3	3140	April 2, 2021
webMethods 10.3 Integration Server encountered an ACL error: "Access Denied" webMethods , Integration-Server-and-ESB	6	481	May 29, 2024

Problem OAUTH credencial in Rest service

Related topics