Uploaded image for project: 'Red Hat Process Automation Manager'
  1. Red Hat Process Automation Manager
  2. RHPAM-1513

SecurityException when SLA is triggered in case


    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 7.1.0.GA
    • 7.1.0.GA
    • Kie-Server
    • None
    • Springboot

    • 1
    • CR2
    • Hide

      Run CaseSLAComplianceIntegrationTest Kie server test against Springboot.

      Run CaseSLAComplianceIntegrationTest Kie server test against Springboot.
    • 2018 Week 36-38

      In case SLA expires in a case deployed in Springboot the error is thrown:

      java.lang.SecurityException: User system is not authorized to access case

      Complete stacktrace can be found in attachment.

      The issue can be caused by having different user name for internal operations. This jBPM commit introduces internal system user with name "unknown" to execute internal task which aren't directly triggered by user request (like SLA expiry). Kie server JACCIdentityProvider returns "unknown" user in case no authentication was done. Springboot SpringSecurityIdentityProvider however returns "system" user.

            swiderski.maciej Maciej Swiderski (Inactive)
            ksuta Karel Suta
            Karel Suta Karel Suta
            Karel Suta Karel Suta
            0 Vote for this issue
            3 Start watching this issue
