Uploaded image for project: 'jBPM'
  1. jBPM
  2. JBPM-3769

Guvnor and Designer find each other's address and credentials are hard coded in a xml file

    Details

      Description

      In $designer.war/profiles/jbpm.xml file we can find the below hard coded configuration:

      <externalloadurl protocol="http" host="localhost:8080" subdomain="jboss-brms/org.drools.guvnor.Guvnor/oryxeditor" usr="admin" pwd="admin"/>

      So, If JBoss is bound to an IP address different than localhost, or change the authentication in $conf/props/brms-users.properties, the business process designer doesn't work. It's impossible to load or save diagrams.

      Here is a reproduction procedure from Customer user case:

      ISSUE:
      ======
      OryxEditor only support admin/admin security authentication

      REPRODUCE:
      ==========
      1. install the JBoss-brms-5.3
      2. change .../conf/props/brms-users.properties as below:

      admin=admin123

      3. start brms-5.3
      4. create BPMN2 Process will receive the following error:

      javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)
      at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

      ANALYSING:

      From jbpm.xml file in the deploy/designer.war/profiles/ directory, I found the folowing:

      <externalloadurl protocol="http" host="localhost:8080" subdomain="jboss-brms/org.drools.guvnor.Guvnor/oryxeditor" usr="admin" pwd="admin"/>

      If we modify this, change pwd to admin123, then it can works.

      What we want?
      1. Is there a way for it to authenticate using the current logged in user's credentials instead of having it hard coded in the xml file?
      2. How about single sign-on? I think single sign-on is preferred.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  tsurdilovic Tihomir Surdilovic
                  Reporter:
                  kylin Kylin Soong
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated: