  1. Drools
  2. DROOLS-1040

Kie server on Tomcat with JACCValve fails authorisation


      Deploy Kie server on Tomcat which has org.kie.integration.tomcat.JACCValve valve defined in server.xml. Run JBPM tests from Kie server integration test suite.
      Some tests will fail with "User '[UserImpl:'Roles']' does not have permissions to execute operation...".

    • fixed and merged into master and 6.4.x

      When Kie server runs on a Tomcat container with org.kie.integration.tomcat.JACCValve configured, JBPM operations that need authorisation and are invoked on Kie server fail with:
      "User '[UserImpl:'Roles']' does not have permissions to execute operation...".

      The error happens only with JACCValve, which is used for Workbench, so this isn't a critical issue.

      The issue is caused by JACCValve, which registers a PolicyContextHandler with a Subject returning 2 principals in a HashSet: one principal represents the user, the second represents its roles.
      JACCIdentityProvider in Kie server, in method getName(), returns the first principal it finds in the Subject. If that is the roles principal, "Roles" is returned as the user name, which is wrong.

              ksuta Karel Suta
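
The root cause described in this issue, as an added example (not code from Kie server or the Tomcat valve): taking the first principal from the Subject yields either the user or "Roles" depending on iteration order, while a type-checked lookup is order-independent. `UserPrincipal`, `RolesPrincipal`, the sample user and role are hypothetical stand-ins, and the type check is one possible approach, not necessarily the fix that was merged.

```java
import java.security.Principal;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.security.auth.Subject;

public class SubjectNameDemo {
    // Hypothetical stand-ins for the two principals the valve places in the Subject.
    record UserPrincipal(String name) implements Principal {
        public String getName() { return name; }
    }
    record RolesPrincipal(Set<String> roles) implements Principal {
        public String getName() { return "Roles"; }
    }

    // Behaviour described in the issue: whichever principal iterates first wins.
    static String firstPrincipalName(Subject s) {
        return s.getPrincipals().iterator().next().getName();
    }

    // Order-independent lookup: only a user principal may supply the user name.
    static String userName(Subject s) {
        for (Principal p : s.getPrincipals()) {
            if (p instanceof UserPrincipal) {
                return p.getName();
            }
        }
        return null; // no user principal: treat the caller as unauthenticated
    }

    // LinkedHashSet pins the iteration order that a HashSet leaves to hash codes.
    static Subject subjectOf(Principal... inOrder) {
        Set<Principal> ps = new LinkedHashSet<>(Arrays.asList(inOrder));
        return new Subject(true, ps, Set.of(), Set.of());
    }

    public static void main(String[] args) {
        Principal user = new UserPrincipal("yoda");                 // constructed sample user
        Principal roles = new RolesPrincipal(Set.of("kie-server")); // constructed sample role
        // Same two principals, both possible iteration orders.
        for (Subject s : new Subject[] { subjectOf(user, roles), subjectOf(roles, user) }) {
            System.out.println("first principal: " + firstPrincipalName(s)
                    + " | user principal: " + userName(s));
        }
    }
}
```

Requires Java 16 or later for records. In the second ordering the first-principal lookup reports the roles container's name as the caller, which is the identity the authorisation check then rejects.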