Uploaded image for project: 'jBPM'
  1. jBPM
  2. JBPM-10045

Incorrect response for REST service when "org.kie.server.bypass.auth.user" used with Spring Boot Runtime

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Major Major
    • 7.60.0.Final
    • None
    • None
    • None

      The Spring Boot / SSO configuration:

      https://github.com/kiegroup/droolsjbpm-integration/blob/main/kie-spring-boot/kie-spring-boot-autoconfiguration/jbpm-spring-boot-autoconfiguration/src/main/java/org/jbpm/springboot/security/SpringSecurityUserGroupCallback.java

      https://github.com/kiegroup/droolsjbpm-integration/blob/main/kie-spring-boot/kie-spring-boot-samples/keycloak-kie-server-spring-boot-sample/src/main/java/org/kie/server/springboot/samples/KeycloakIdentityProvider.java

      and the default Spring Identity Provider/Callback:

      https://github.com/kiegroup/droolsjbpm-integration/blob/7.59.x/kie-spring-boot/kie-spring-boot-autoconfiguration/jbpm-spring-boot-autoconfiguration/src/main/java/org/jbpm/springboot/security/SpringSecurityIdentityProvider.java

      suffers from the same defect as described into RHPAM-4087.

      We assume that the fix would mean to enhance SpringSecurityUserGroupCallback to pass userId to the pluggable identity providers, such as: KeycloakIdentityProvider, and SpringSecurityIdentityProvider.

       

      Note. The steps to reproduce it, are the same fully described into the original Jira RHPAM-4087, but change the callback from "JAASUserGroupCallbackImpl" to "SpringSecurityUserGroupCallback"

              rhn-support-egonzale Enrique Gonzalez Martinez (Inactive)
              rhn-support-egonzale Enrique Gonzalez Martinez (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: