queries methods not allowed for users with kie-server role PAM 7.12

Posted on

I installed PAM 7.12 with the installer to try it out on a windows machine running on Jboss EAP 7.4. I have users set up with role
- kie-server
- user
Looking at the web.xml of the kie-server deployment, these users should have permissions on the REST API.
The users can call REST methods with POST and PUT in tests

The users can start processes:
POST
"http://localhost:8080/kie-server/services/rest/server/containers/SALETask/processes/SALETask.ExampleTask/instances";

PUT
"http://localhost:8080/kie-server/services/rest/server/containers/SALETask/tasks/12/states/claimed";
"http://localhost:8080/kie-server/services/rest/server/containers/SALETask/tasks/12/states/started";
"http://localhost:8080/kie-server/services/rest/server/containers/SALETask/tasks/12/states/completed";

The following GET fails with a 405 (passing in basic auth credentials)

"http://localhost:8080/kie-server/services/rest/server/queries/tasks/instances";
Content-Type: "application/json"

Tests with the same user logged into the swagger doc page fail with a 401.

In the server setup, the following properties are set:

I have setup an admin user mentioned in the standalone-full.xml "org.jbpm.ht.admin.user"

The user passed in for the query does have the kie-server role.
I also tried other test users passed in via the url param who have the kie-server role

Other method calls successful, but not this one.

Is there any explanation for this?

Thank you

Responses