RootServices Lyo OAuth Web App

Hello, I m trying to implement a Jazz Root Services.

I’m using Lyo 4.0.0.
I added in the web.xml :










    <servlet-name>JAX-RS Servlet</servlet-name>







And I added

        } catch (ClassNotFoundException e)
            System.err.println("Application failed to initialize");

In the

I also added the rootservices_rdfxml.jsp file.

So far I can acces http://localhost:8081/adaptor-rm/rootservices
I also can acces this directory http://localhost:8081/adaptor-rm/oauth/ and the pages inside.

I took the adaptor-rm-webapp project as a base.

I can’t acces the REST endpoints :

I got a 404 error.

Thanks for reading

Hello @Michael.C,

You should check in CredentialsFilter if the paths you are trying to access are protected or not. Those two you are talking about should be whitelisted. Example:

As you can see, that code is designed for no-context deployment, where you don’t have the adaptor-rm context. I suggest you put some logging into the isProtectedResource method and tweak it if necessary.

@jad we may need to tweak this line to check for the context or strip it before the check: generateCredentialsFilter.mtl#L109


Hello Andrew.

My filter is empty for now.

public class CredentialsFilter implements Filter {


    public void destroy() {



    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,

            FilterChain chain) throws IOException, ServletException {

                chain.doFilter(servletRequest, servletResponse);




    public void init(FilterConfig arg0) throws ServletException {



I did not find if it was possible to generate the rootService with Lyo designer. So I took the files from the adaptor-bugzilla.

I was accessing the wrong urls. They are like this http://localhost:8081/adaptor-rm/services/oauth/requestKey
So I changed the content of rootservices_rdfxml.jsp to reflect the correct urls but I don’t know how to change them in the imported jsp files from oauth-webapp

So your hint was helpfull. I modified the context with / and my urls are fine now.
I also had to set an aplication and a consumer store for OAuthConfiguration.

I mostly return true for testing purpose.

I’m now able to link my serveur to Polarion, I also can see the list of services.

But when I click on “Select Work Item From Linked Data Friend Server” I got a popup with the following warning : “Friend server configuration is missing”.

Does anyone know what it means ?

I managed to solve my issues by having Polarion and the OSLC serveur on the same machine.

1 Like

If having both apps on the same machine helps, you should look at CSP/CORS settings that prevent website data to be stolen by hackers but may make integration work harder. Polarion also had problems with overly restrictive use of SameSite=Strict cookie attribute, preventing it from being sent when a Polarion page is loaded in an iframe, even after you type your login and password.