JBPM business central error After configuring database security domain

Question

I've been trying to configure JBPM to work with database authentication

I've followed the steps in the link https://techblogtoprogram.wordpress.com/2020/07/19/configuring-db-based-user-login-and-task-notifications-for-jbpm

and managed to authenticate successfully on business central with a database user however I get and error when ever I try to go to any page related to

--Manage process instance

--Manage process definitions etc..

the error is:

Invalid credentials to load data from remote server. Contact your system administrator.

with the following stack trace

06:21:04,270 ERROR [org.dashbuilder.exception.ExceptionManager] (default task-14) Can't lookup on specified data set: jbpmProcessDefinition: org.dashbuilder.dataset.exception.DataSetLookupException: 
Can't lookup on specified data set: jbpmProcessDefinition
        at deployment.business-central.war//org.dashbuilder.dataset.DataSetManagerImpl.lookupDataSet(DataSetManagerImpl.java:163)
        at deployment.business-central.war//org.dashbuilder.dataset.DataSetManagerCDI$Proxy$_$$_WeldClientProxy.lookupDataSet(Unknown Source)
        at deployment.business-central.war//org.dashbuilder.dataset.service.DataSetLookupServicesImpl.lookupDataSet(DataSetLookupServicesImpl.java:78)
        at deployment.business-central.war//org.dashbuilder.dataset.service.DataSetLookupServicesImpl$Proxy$_$$_WeldClientProxy.lookupDataSet(Unknown Source)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:566)
        at deployment.business-central.war//org.jboss.errai.bus.server.io.AbstractRPCMethodCallback.invokeMethodFromMessage(AbstractRPCMethodCallback.java:65)
        at deployment.business-central.war//org.jboss.errai.bus.server.io.ValueReplyRPCEndpointCallback.callback(ValueReplyRPCEndpointCallback.java:40)
        at deployment.business-central.war//org.jboss.errai.bus.server.io.RemoteServiceCallback.callback(RemoteServiceCallback.java:54)
        at deployment.business-central.war//org.jboss.errai.cdi.server.CDIExtensionPoints$2.callback(CDIExtensionPoints.java:448)
        at deployment.business-central.war//org.jboss.errai.bus.server.DeliveryPlan.deliver(DeliveryPlan.java:47)
        at deployment.business-central.war//org.jboss.errai.bus.server.ServerMessageBusImpl.sendGlobal(ServerMessageBusImpl.java:297)
        at deployment.business-central.war//org.jboss.errai.bus.server.SimpleDispatcher.dispatchGlobal(SimpleDispatcher.java:46)
        at deployment.business-central.war//org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:96)
        at deployment.business-central.war//org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:113)
        at deployment.business-central.war//org.jboss.errai.bus.server.servlet.DefaultBlockingServlet.doPost(DefaultBlockingServlet.java:144)
        at javax.servlet.api@2.0.0.Final//javax.servlet.http.HttpServlet.service(HttpServlet.java:523)
        at javax.servlet.api@2.0.0.Final//javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
        at io.undertow.websocket@2.2.5.Final//io.undertow.websockets.jsr.JsrWebSocketFilter.doFilter(JsrWebSocketFilter.java:173)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at io.opentracing.contrib.opentracing-jaxrs2//io.opentracing.contrib.jaxrs2.server.SpanFinishingFilter.doFilter(SpanFinishingFilter.java:52)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at deployment.business-central.war//org.uberfire.ext.security.server.SecureHeadersFilter.doFilter(SecureHeadersFilter.java:110)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at deployment.business-central.war//org.uberfire.ext.security.server.SecurityIntegrationFilter.doFilter(SecurityIntegrationFilter.java:70)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
        at org.wildfly.extension.undertow@23.0.2.Final//org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
        at io.undertow.core@2.2.5.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
        at io.undertow.core@2.2.5.Final//io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
        at io.undertow.core@2.2.5.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.core@2.2.5.Final//io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
        at io.undertow.core@2.2.5.Final//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
        at io.undertow.core@2.2.5.Final//io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
        at io.undertow.core@2.2.5.Final//io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
        at io.undertow.core@2.2.5.Final//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
        at io.undertow.core@2.2.5.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at org.wildfly.extension.undertow@23.0.2.Final//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
        at io.undertow.core@2.2.5.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at org.wildfly.extension.undertow@23.0.2.Final//org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
        at io.undertow.core@2.2.5.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
        at org.wildfly.extension.undertow@23.0.2.Final//org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
        at org.wildfly.extension.undertow@23.0.2.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at org.wildfly.extension.undertow@23.0.2.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at org.wildfly.extension.undertow@23.0.2.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at org.wildfly.extension.undertow@23.0.2.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1530)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
        at io.undertow.servlet@2.2.5.Final//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
        at io.undertow.core@2.2.5.Final//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
        at io.undertow.core@2.2.5.Final//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
        at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
        at org.jboss.xnio@3.8.4.Final//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1280)
        at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: org.kie.server.api.exception.KieServicesHttpException: Unexpected HTTP response code when requesting URI 'http://localhost:8080/kie-server/services/rest/server/queries/processes/definitions?filter=&sort=ProcessName&sortOrder=false&page=0&pageSize=10'! Error code: 401, message: <html><head><title>Error</title></head><body>Unauthorized</body></html>
        at deployment.business-central.war//org.kie.server.client.impl.AbstractKieServicesClientImpl.createExceptionForUnexpectedResponseCode(AbstractKieServicesClientImpl.java:676)
        at deployment.business-central.war//org.kie.server.client.impl.AbstractKieServicesClientImpl.makeHttpGetRequestAndCreateCustomResponse(AbstractKieServicesClientImpl.java:216)
        at deployment.business-central.war//org.kie.server.client.impl.QueryServicesClientImpl.findProcesses(QueryServicesClientImpl.java:209)
        at deployment.business-central.war//org.jbpm.workbench.pr.backend.server.RemoteProcessRuntimeDataServiceImpl.getProcessesByFilter(RemoteProcessRuntimeDataServiceImpl.java:298)
        at deployment.business-central.war//org.jbpm.workbench.pr.backend.server.RemoteProcessRuntimeDataServiceImpl$Proxy$_$$_WeldClientProxy.getProcessesByFilter(Unknown Source)
        at deployment.business-central.war//org.jbpm.workbench.pr.backend.server.ProcessDefinitionDataSetProvider.lookupDataSet(ProcessDefinitionDataSetProvider.java:106)
        at deployment.business-central.war//org.jbpm.workbench.pr.backend.server.ProcessDefinitionDataSetProvider$Proxy$_$$_WeldClientProxy.lookupDataSet(Unknown Source)
        at deployment.business-central.war//org.dashbuilder.dataset.DataSetManagerImpl.lookupDataSet(DataSetManagerImpl.java:154)
        ... 80 more

or

Unable to complete your request. The following exception occurred: Unable to retrieve input stream of response.

with the following stack trace

06:05:47,542 ERROR [org.dashbuilder.exception.ExceptionManager] (default task-8) Can't lookup on specified data set: jbpmProcessInstances: org.dashbuilder.dataset.exception.DataSetLookupException: Can't lookup on specified data set: jbpmProcessInstances
        at deployment.business-central.war//org.dashbuilder.dataset.DataSetManagerImpl.lookupDataSet(DataSetManagerImpl.java:163)
        at deployment.business-central.war//org.dashbuilder.dataset.DataSetManagerCDI$Proxy$_$$_WeldClientProxy.lookupDataSet(Unknown Source)
        at deployment.business-central.war//org.dashbuilder.dataset.service.DataSetLookupServicesImpl.lookupDataSet(DataSetLookupServicesImpl.java:78)
        at deployment.business-central.war//org.dashbuilder.dataset.service.DataSetLookupServicesImpl$Proxy$_$$_WeldClientProxy.lookupDataSet(Unknown Source)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:566)
        at deployment.business-central.war//org.jboss.errai.bus.server.io.AbstractRPCMethodCallback.invokeMethodFromMessage(AbstractRPCMethodCallback.java:65)
        at deployment.business-central.war//org.jboss.errai.bus.server.io.ValueReplyRPCEndpointCallback.callback(ValueReplyRPCEndpointCallback.java:40)
        at deployment.business-central.war//org.jboss.errai.bus.server.io.RemoteServiceCallback.callback(RemoteServiceCallback.java:54)
        at deployment.business-central.war//org.jboss.errai.cdi.server.CDIExtensionPoints$2.callback(CDIExtensionPoints.java:448)
        at deployment.business-central.war//org.jboss.errai.bus.server.DeliveryPlan.deliver(DeliveryPlan.java:47)
        at deployment.business-central.war//org.jboss.errai.bus.server.ServerMessageBusImpl.sendGlobal(ServerMessageBusImpl.java:297)
        at deployment.business-central.war//org.jboss.errai.bus.server.SimpleDispatcher.dispatchGlobal(SimpleDispatcher.java:46)
        at deployment.business-central.war//org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:96)
        at deployment.business-central.war//org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:113)
        at deployment.business-central.war//org.jboss.errai.bus.server.servlet.DefaultBlockingServlet.doPost(DefaultBlockingServlet.java:144)
Caused by: org.kie.server.common.rest.KieServerHttpRequestException: Unable to retrieve input stream of response
        at deployment.business-central.war//org.kie.server.common.rest.KieServerHttpRequest.responseStream(KieServerHttpRequest.java:1423)
        at deployment.business-central.war//org.kie.server.common.rest.KieServerHttpRequest.responseBuffer(KieServerHttpRequest.java:1441)
        at deployment.business-central.war//org.kie.server.common.rest.KieServerHttpRequest.responseBody(KieServerHttpRequest.java:1383)
        at deployment.business-central.war//org.kie.server.common.rest.KieServerHttpRequest.access$2100(KieServerHttpRequest.java:121)
        at deployment.business-central.war//org.kie.server.common.rest.KieServerHttpRequest$5.body(KieServerHttpRequest.java:1349)
        at deployment.business-central.war//org.kie.server.client.impl.AbstractKieServicesClientImpl.createExceptionForUnexpectedResponseCode(AbstractKieServicesClientImpl.java:674)
        at deployment.business-central.war//org.kie.server.client.impl.AbstractKieServicesClientImpl.makeHttpPostRequestAndCreateCustomResponse(AbstractKieServicesClientImpl.java:370)
        at deployment.business-central.war//org.kie.server.client.impl.AbstractKieServicesClientImpl.makeHttpPostRequestAndCreateCustomResponse(AbstractKieServicesClientImpl.java:349)
        at deployment.business-central.war//org.kie.server.client.impl.QueryServicesClientImpl.query(QueryServicesClientImpl.java:1035)
        at deployment.business-central.war//org.jbpm.workbench.ks.integration.KieServerDataSetProvider.performQuery(KieServerDataSetProvider.java:260)
        at deployment.business-central.war//org.jbpm.workbench.ks.integration.KieServerDataSetProvider.lookupDataSet(KieServerDataSetProvider.java:176)
        at deployment.business-central.war//org.jbpm.workbench.ks.integration.KieServerDataSetProvider$Proxy$_$$_WeldClientProxy.lookupDataSet(Unknown Source)
        at deployment.business-central.war//org.dashbuilder.dataset.DataSetManagerImpl.lookupDataSet(DataSetManagerImpl.java:154)
        ... 80 more
Caused by: java.net.HttpRetryException: cannot retry due to server authentication, in streaming mode
        at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1721)
        at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1520)
        at java.base/java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:527)
        at deployment.business-central.war//org.kie.server.common.rest.KieServerHttpRequest.responseCode(KieServerHttpRequest.java:1363)
        at deployment.business-central.war//org.kie.server.common.rest.KieServerHttpRequest.post(KieServerHttpRequest.java:726)
        at deployment.business-central.war//org.kie.server.client.impl.AbstractKieServicesClientImpl$7.doOperation(AbstractKieServicesClientImpl.java:358)
        at deployment.business-central.war//org.kie.server.client.impl.AbstractKieServicesClientImpl.invoke(AbstractKieServicesClientImpl.java:879)
        at deployment.business-central.war//org.kie.server.client.impl.AbstractKieServicesClientImpl.makeHttpPostRequestAndCreateCustomResponse(AbstractKieServicesClientImpl.java:354)
        ... 86 more

how ever when I go to my browser and simply open the link in the stack trace

http://localhost:8080/kie-server/services/rest/server/queries/processes/definitions?filter=&sort=ProcessName&sortOrder=false&page=0&pageSize=10

With the same username and password, it opens successfully

here is my related configuration in standalone.xml

        <property name="org.jbpm.casemgmt.showcase.url" value="/jbpm-casemgmt"/>
        <property name="org.jbpm.ht.admin.group" value="process-admin"/>
        <property name="org.jbpm.task.cleanup.enabled" value="false"/>
        <property name="org.kie.server.persistence.ds" value="java:jboss/datasources/jBPMDS"/>
        <property name="appformer.experimental.features" value="true"/>
        <property name="org.kie.prometheus.server.ext.disabled" value="false"/>
        <!-- <property name="kie.keystore.keyStoreURL" value="file:///${jboss.server.config.dir}/jBPMKeystore.jceks"/>
        <property name="kie.keystore.keyStorePwd" value="jBPMKeyStorePassword"/>
        <property name="kie.keystore.key.server.alias" value="jBPMAlias"/>
        <property name="kie.keystore.key.server.pwd" value="jBPMKeyPassword"/>
        <property name="kie.keystore.key.ctrl.alias" value="jBPMAlias"/>
        <property name="kie.keystore.key.ctrl.pwd" value="jBPMKeyPassword"/> -->
        <property name="org.kie.server.user" value="admin"/>
        <property name="org.kie.server.pwd" value="admin"/>
        <property name="org.kie.server.controller.user" value="admin"/>
        <property name="org.kie.server.controller.pwd" value="admin"/>
        <property name="org.kie.server.persistence.dialect" value="org.hibernate.dialect.PostgreSQLDialect"/>
        <property name="org.kie.server.id" value="sample-server"/>
        <property name="org.kie.server.location" value="http://localhost:8080/kie-server/services/rest/server"/>
        <property name="org.kie.server.controller" value="http://localhost:8080/business-central/rest/controller"/>
        <property name="org.jbpm.ht.userinfo" value="db"/>

                <datasource jta="true" jndi-name="java:jboss/datasources/usersDs" pool-name="usersDs" enabled="true" use-java-context="true" use-ccm="true">
                    <connection-url>jdbc:postgresql://my_postgres_container:5432/jbpm</connection-url>
                    <driver>postgres</driver>
                    <security>
                        <user-name>jbpm</user-name>
                        <password>jbpm</password>
                    </security>
                </datasource>

    <subsystem xmlns="urn:jboss:domain:security:2.0">
            <security-domains>
            <security-domain name="dbdomain" cache-type="default">
                <authentication>
                        <login-module code="Remoting" flag="optional">
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                        <login-module code="Database" flag="required">
                            <module-option name="dsJndiName" value="java:jboss/datasources/usersDs"/>
                            <module-option name="principalsQuery" value="select passwd from Users username where username=?"/>
                            <module-option name="rolesQuery" value="select userRoles, 'Roles' from UserRoles where username=?"/>
                        </login-module>
                        <login-module code="org.kie.security.jaas.KieLoginModule" flag="optional" module="deployment.business-central.war"/>
                        <!-- <login-module code="org.kie.security.jaas.KieLoginModule" flag="optional" module="deployment.jbpm-casemgmt.war"/> -->
                </authentication>
                </security-domain>                
                <security-domain name="jboss-web-policy" cache-type="default">
                    <authorization>
                        <policy-module code="Delegating" flag="required"/>
                    </authorization>
                </security-domain>
                <security-domain name="jaspitest" cache-type="default">
                    <authentication-jaspi>
                        <login-module-stack name="dummy">
                            <login-module code="Dummy" flag="optional"/>
                        </login-module-stack>
                        <auth-module code="Dummy"/>
                    </authentication-jaspi>
                </security-domain>
                <security-domain name="jboss-ejb-policy" cache-type="default">
                    <authorization>
                        <policy-module code="Delegating" flag="required"/>
                    </authorization>
                </security-domain>
            </security-domains>
        </subsystem>

Successful postman request to the same URL in the stack trace username: admin password admin

The error indicates the user is "Unauthorized" to perform the action. Could you confirm if the admin user has "kie-server" and "rest-all" roles configured? You can enable TRACE logging for scurity package to confirm if correct roles are pulled. — Sudhish Nair, Jun 30 '22 at 17:03
I tried the URL http://localhost:8080/kie-server/services/rest/server/queries/processes/definitions?filter=&sort=ProcessName&sortOrder=false&page=0&pageSize=10 via a simple postman get request with the same user name and password admin admin and the invocation was successful and yes rest-all and kie-server are configured for the user — Ayman Edris, Jun 30 '22 at 19:42

score 0 · Answer 1 · answered Jul 02 '22 at 15:33

After digging deeper into the problem and a lot of jars decompile to investigate in the business-central.war itself

I decompiled class org.kie.server.client.impl.AbstractKieServicesClientImpl which is inside business-central.war\web-inf\lib\kie-server-client-7.71.0.Final.jar

and hard-coded my credentials in the request headers as follows

    protected <T> T makeHttpPostRequestAndCreateCustomResponse(String uri, final String body, Class<T> resultType,Map<String, String> headers) {
        //My hard coded username and password
        headers.put("Authorization", "Basic YWRtaW46YWRtaW4=");
        //My hard coded username and password
        KieServerHttpRequest request = this.invoke(uri, new RemoteHttpOperation() {
            public KieServerHttpRequest doOperation(String url) {
                AbstractKieServicesClientImpl.logger.debug("About to send POST request to '{}' with payload '{}'", url, body);
                return AbstractKieServicesClientImpl.this.newRequest(url).headers(headers).body(body).post();
            }
        });
        KieServerHttpResponse response = request.response();
        this.owner.setConversationId(response.header("X-KIE-ConversationId"));
        if (response.code() != Status.OK.getStatusCode() && response.code() != Status.CREATED.getStatusCode()) {
            throw this.createExceptionForUnexpectedResponseCode(request, response);
        } else {
            return this.deserialize(response.body(), resultType);
        }
    }


    protected KieServerHttpRequest newRequest(String uri) {
        KieServerHttpRequest httpRequest = KieServerHttpRequest.newRequest(uri).followRedirects(true).timeout(this.config.getTimeout());
        httpRequest.accept(this.getMediaType(this.config.getMarshallingFormat()));
        httpRequest.header("X-KIE-ContentType", this.config.getMarshallingFormat().toString());
        if (this.config.getHeaders() != null) {
            Iterator var3 = this.config.getHeaders().entrySet().iterator();

            while(var3.hasNext()) {
                Map.Entry<String, String> header = (Map.Entry)var3.next();
                httpRequest.header((String)header.getKey(), header.getValue());
                logger.debug("Adding additional header {} value {}", header.getKey(), header.getValue());
            }
        }

        if (this.config.getCredentialsProvider() != null) {
            String authorization = this.config.getCredentialsProvider().getAuthorization();
            if (authorization != null && !authorization.isEmpty()) {
                httpRequest.header(this.config.getCredentialsProvider().getHeaderName(), authorization);
            }
        }

        httpRequest.clientCertificate(this.config.getClientCertificate());
        if (this.owner.getConversationId() != null) {
            httpRequest.header("X-KIE-ConversationId", this.owner.getConversationId());
        }
        //My hard coded username and password
        httpRequest.header("Authorization", "Basic YWRtaW46YWRtaW4=");
        //My hard coded username and password
        return httpRequest;
    }

recompiled the class and repackaged the jar and some how this fixed the problem

I don't know if this is a bug in business-cenral or I misconfigured some thing

but the below configuration I'm using contains the same user name and password.

        <property name="org.kie.server.user" value="admin"/>
        <property name="org.kie.server.pwd" value="admin"/>
        <property name="org.kie.server.controller.user" value="admin"/>
        <property name="org.kie.server.controller.pwd" value="admin"/>
        <property name="org.kie.server.persistence.dialect" value="org.hibernate.dialect.PostgreSQLDialect"/>
        <property name="org.kie.server.id" value="sample-server"/>
        <property name="org.kie.server.location" value="http://localhost:8080/kie-server/services/rest/server"/>
        <property name="org.kie.server.controller" value="http://localhost:8080/business-central/rest/controller"/>

Did you remove the system properties related to keystores? If key-stores are present it will pick that username and password and ignore that plain text you passed. — Sudhish Nair, Jul 18 '22 at 10:31
no i removed the keystore for the configuration to be clean, if you keep it it should not make any difference. — Ayman Edris, Jul 19 '22 at 11:11
I am also facing the same issue. I installed on the linux server and trying to access remotely. I am unable to login via 'wbadmin' user. Please help me — dinu0101, Jul 08 '23 at 17:44

score 0 · Answer 2 · answered Sep 14 '22 at 14:14

Same issue here. I've installed the whole thing in 3 different servers:

Business-monitoring webapp <--> kie-server-controller <--> kie-server

I'm able to connect the controller to the bcm, and then the kie-server to the controller. That way I'm able to deploy stuff from bcm to kie-server through contoller, and the deployment goes green.

However, when I try to see the process definitions, I see the same error.

I have created the same user in all the instances with all the required roles. So weird...

JBPM business central error After configuring database security domain

2 Answers2