I have created a component in LC which exposes a service that I use in Workbench to create a process. The operation is Creation of a Policy.
When I call this method through the REST endpoint from my client application the policy gets created and then I can protect a document with it. But when I open the protected document with Adobe Reader and I try to authenticate with the principal that I put in the policy I have this message:
"The document is locked. You do not have permission to open it. Please contact the person who sent you this document and ask them to give you permission to open it."
and the exception in the server.log:
2011-06-13 08:36:16,873 ERROR [com.adobe.edc.server.errors.exception.EDCClientException] Thread: http-8443-4, hashcode: 1957068889 clientErrorCode:770 clientErrorCodeHEX:0x302 message: 2011-06-13 08:36:16,874 ERROR [STDERR] Jun 13, 2011 8:36:16 AM com.adobe.rightsmanagement.webservices.rest.RestServlet doAction SEVERE: Unexpected exception in Rest Call
On the other hand when I do the Policy Creation directly from Workbench by invoking the process and then I protect the document with that policy everything works fine.
I cannot determine the cause of this problem. The only difference I can see is that Workbench does SOAP calls when invoking the process whereas I use REST endpoint from my client application.
For both Workbench invocation and client application I use the Super Administrator account to call the methods.
Have you specified a sprcific "Document Publisher" in your code\process that applies the policy? If not, the user that invokes the service will be used as the document publisher. When you invoke from workbench, the user logged into Workbench will be used as the "Docuemnt Publisher". A "document publisher" is the person who actually applies the policy to the document.
If you apply the same policy (as used by your process) with Acrobat, can any of the users open the document with Reader?
Have you configured JBoss to use SSL (https), and habe you configured the Base URL for the Rights Management server? The Base URL gets baked into the protected PDF so Reader\Acrobat know which server to contact to get the policy information.
Have you set the "Run As" property on the process used to apply the policy. This is related to the "document publisher" stuff. You can specifiy that a process\service be invoked (run as) a specifc (Named User) user, the Invoker or System