Red Hat Process Automation Manager / RHPAM-4270

[JWS/Tomcat] Incorrect groups are returned when "org.kie.server.bypass.auth.user" is set and JAASUserGroupCallbackImpl is used


    • Type: Bug
    • Resolution: Won't Do
    • Priority: Major
    • Components: jBPM Core, Kie-Server
    • Steps to reproduce:
      • Enable `org.kie.server.bypass.auth.user`
      • Assign a groupId to a task
      • Try to fetch a particular task by calling potOwner/stakeHolder/businessAdmin, passing a userId which belongs to the groupId.

      This Jira is a follow-up to RHPAM-4136: the same issue as in that ticket, but specifically for Tomcat/JWS.

      The same problem remains when enabling the bypass system property and trying to fetch the tasks for a user/group where the user is either the potential owner, stakeholder or business admin of the task.

      The underlying problem seems to be the implementation logic at:

      https://github.com/kiegroup/jbpm/blob/main/jbpm-human-task/jbpm-human-task-core/src/main/java/org/jbpm/services/task/identity/JAASUserGroupCallbackImpl.java#L139

      where the adapter for Tomcat will return an empty list for the bypass user:

      https://github.com/kiegroup/droolsjbpm-integration/blob/main/kie-server-parent/kie-server-services/kie-server-services-jbpm/src/main/java/org/kie/server/services/jbpm/security/TomcatUserGroupAdapter.java#L30


              rhn-support-egonzale Enrique Gonzalez Martinez (Inactive)
              antferna Antonio Fernandez Alhambra (Inactive)