Loading...

XML

Word

Printable

Type: Feature Request
Resolution: Done
Priority: Major
Fix Version/s: 7.13.1.GA, IBM BAMOE 8.0.1.GA
Affects Version/s: 7.11.1.GA
Component/s: jBPM Core
Labels:
- bamoe-verified

Blocked:
False
Ready:
False
Affects:

Release Notes
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Fix Build:
CR1
QE Test Coverage:
+
Target Release:

7.13.1.GA
Git Pull Request:
https://github.com/kiegroup/droolsjbpm-integration/pull/2750, https://github.com/kiegroup/droolsjbpm-knowledge/pull/596, https://github.com/kiegroup/droolsjbpm-knowledge/pull/606, https://github.com/kiegroup/droolsjbpm-integration/pull/2819, https://github.com/kiegroup/droolsjbpm-knowledge/pull/607, https://github.com/kiegroup/droolsjbpm-integration/pull/2820
Market:

Sprint:
2022 Week 11-13 (from Mar 14), 2022 Week 14-16 (from Apr 4), 2022 Week 17-19 (from Apr 25), 2022 Week 20-22 (from May 16), 2022 Week 23-25 (from Jun 6), 2022 Week 26-28 (from Jun 27), 2022 Week 29-31 (from Jul 18)

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

The Spring Boot / SSO configuration:

https://github.com/kiegroup/droolsjbpm-integration/blob/main/kie-spring-boot/kie-spring-boot-autoconfiguration/jbpm-spring-boot-autoconfiguration/src/main/java/org/jbpm/springboot/security/SpringSecurityUserGroupCallback.java

https://github.com/kiegroup/droolsjbpm-integration/blob/main/kie-spring-boot/kie-spring-boot-samples/keycloak-kie-server-spring-boot-sample/src/main/java/org/kie/server/springboot/samples/KeycloakIdentityProvider.java

and the default Spring Identity Provider/Callback:

https://github.com/kiegroup/droolsjbpm-integration/blob/7.59.x/kie-spring-boot/kie-spring-boot-autoconfiguration/jbpm-spring-boot-autoconfiguration/src/main/java/org/jbpm/springboot/security/SpringSecurityIdentityProvider.java

suffers from the same defect as described into ~~RHPAM-4087~~.

We assume that the fix would mean to enhance SpringSecurityUserGroupCallback to pass userId to the pluggable identity providers, such as: KeycloakIdentityProvider, and SpringSecurityIdentityProvider.

Note. The steps to reproduce it, are the same fully described into the original Jira ~~RHPAM-4087~~, but change the callback from "JAASUserGroupCallbackImpl" to "SpringSecurityUserGroupCallback"

is cloned by

JBPM-10045 Incorrect response for REST service when "org.kie.server.bypass.auth.user" used with Spring Boot Runtime

Resolved

relates to

RHPAM-4136 Incorrect groups are returned when "org.kie.server.bypass.auth.user" is set and JAASUserGroupCallbackImpl is used

Closed

Assignee:: Enrique Gonzalez Martinez (Inactive)

Reporter:: Daniele Mammarella

Tester:: Antonio Fernandez Alhambra (Inactive)

QA Contact:: Antonio Fernandez Alhambra (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2022/02/03 4:37 PM

Updated:: 2024/02/12 9:17 AM

Resolved:: 2022/08/05 6:52 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates