[jboss-user] [JBoss jBPM] - Re: Adding JBPM to existing JBOSS 4.0.4 AS

crussell42 do-not-reply at jboss.com
Tue Feb 6 09:56:10 EST 2007 

For jbpm.3.2beta1 I have had some success but still get some exceptions related to transaction management when I try to signal a process to its end state.
In a nutshell assuming you are deploying jbpm-enterprise.ear.
1. Configure jboss with jms messaging as per jboss instructions.
2. Config your data source e.g. cp jbpm-ds.xml $jboss/server/messaging/deploy
2.5 Create the jbpm database using the scripts from jpdl/dist/ddl
e.g. jbpm.jpdl.hsqldb.sql
2.75 create and populate identity tables
Cant remember where I got these??

  | 
  | create table JBPM_ID_GROUP (ID_ bigint generated by default as identity (start with 1), CLASS_ char(1) not null, NAME_ varchar(255), TYPE_ varchar(255), PARENT_ bigint, primary key (ID_));
  | create table JBPM_ID_MEMBERSHIP (ID_ bigint generated by default as identity (start with 1), CLASS_ char(1) not null, NAME_ varchar(255), ROLE_ varchar(255), USER_ bigint, GROUP_ bigint, primary key (ID_));
  | create table JBPM_ID_PERMISSIONS (ENTITY_ bigint not null, CLASS_ varchar(255), NAME_ varchar(255), ACTION_ varchar(255));
  | create table JBPM_ID_USER (ID_ bigint generated by default as identity (start with 1), CLASS_ char(1) not null, NAME_ varchar(255), EMAIL_ varchar(255), PASSWORD_ varchar(255), primary key (ID_));
  | 
  | alter table JBPM_ID_GROUP add constraint FK_ID_GRP_PARENT foreign key (PARENT_) references JBPM_ID_GROUP;
  | alter table JBPM_ID_MEMBERSHIP add constraint FK_ID_MEMSHIP_GRP foreign key (GROUP_) references JBPM_ID_GROUP;
  | alter table JBPM_ID_MEMBERSHIP add constraint FK_ID_MEMSHIP_USR foreign key (USER_) references JBPM_ID_USER;
  | 
  | 
  | 
  | INSERT INTO JBPM_ID_GROUP VALUES(1,'G','participant','security-role',NULL)
  | INSERT INTO JBPM_ID_GROUP VALUES(2,'G','administrator','security-role',NULL)
  | INSERT INTO JBPM_ID_GROUP VALUES(3,'G','hr','organisation',NULL)
  | INSERT INTO JBPM_ID_GROUP VALUES(4,'G','sales','organisation',NULL)
  | INSERT INTO JBPM_ID_GROUP VALUES(5,'G','manager','security-role',NULL)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(1,'M',NULL,NULL,2,2)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(2,'M',NULL,NULL,3,1)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(3,'M',NULL,NULL,3,3)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(4,'M',NULL,NULL,2,3)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(5,'M',NULL,NULL,1,4)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(6,'M',NULL,'boss',2,4)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(7,'M',NULL,NULL,2,5)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(8,'M',NULL,NULL,2,1)
  | INSERT INTO JBPM_ID_MEMBERSHIP VALUES(9,'M',NULL,NULL,1,1)
  | INSERT INTO JBPM_ID_USER VALUES(1,'U','cookie monster','cookie.monster at sesamestreet.tv','cookie monster')
  | INSERT INTO JBPM_ID_USER VALUES(2,'U','ernie','ernie at sesamestreet.tv','ernie')
  | INSERT INTO JBPM_ID_USER VALUES(3,'U','bert','bert at sesamestreet.tv','bert')
  | INSERT INTO JBPM_ID_USER VALUES(4,'U','grover','grover at sesamestreet.tv','grover')
  | 
  | insert into JBPM_ID_USER (ID_, CLASS_, NAME_, EMAIL_, PASSWORD_) 
  |        values ('1', 'U', 'cookie monster', 'cookie.monster at sesamestreet.tv', 'cookie monster');
  | insert into JBPM_ID_USER (ID_,CLASS_, NAME_, EMAIL_, PASSWORD_) 
  |        values ('2', 'U', 'ernie', 'ernie at sesamestreet.tv', 'ernie');
  | insert into JBPM_ID_USER (ID_,CLASS_, NAME_, EMAIL_, PASSWORD_) 
  |        values ('3', 'U', 'bert', 'bert at sesamestreet.tv', 'bert');
  | insert into JBPM_ID_USER (ID_,CLASS_, NAME_, EMAIL_, PASSWORD_) 
  |        values ('4', 'U', 'grover', 'grover at sesamestreet.tv', 'grover');
  | 
  | 
3. Add 2 queues to $jboss/server/messaging/deploy/jboss-messaging.sar/destinations-service.xml

  |    <mbean code="org.jboss.jms.server.destination.Queue"
  |       name="jboss.messaging.destination:service=Queue,name=JbpmCommandQueue"
  |       xmbean-dd="xmdesc/Queue-xmbean.xml">
  |       <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
  |       <attribute name="SecurityConfig">
  |          <security>
  |             <role name="guest" read="true" write="true"/>
  |             <role name="publisher" read="true" write="true" create="false"/>
  |             <role name="noacc" read="false" write="false" create="false"/>
  |          </security>
  |       </attribute>
  |    </mbean>
  | 
  |    <mbean code="org.jboss.jms.server.destination.Queue"
  |       name="jboss.messaging.destination:service=Queue,name=JbpmJobQueue"
  |       xmbean-dd="xmdesc/Queue-xmbean.xml">
  |       <depends optional-attribute-name="ServerPeer">jboss.messaging:service=ServerPeer</depends>
  |       <attribute name="SecurityConfig">
  |          <security>
  |             <role name="guest" read="true" write="true"/>
  |             <role name="publisher" read="true" write="true" create="false"/>
  |             <role name="noacc" read="false" write="false" create="false"/>
  |          </security>
  |       </attribute>
  |    </mbean>
  | 
Or figure out how to add a jbpm-services.xml with same queue definitions.
4. Configure jboss's "other" security realm. The jbpm-console is using the security domain other. Therefore we need for the security domain other config to look like that sent in the 
preconfigured jbpm starter kit server so I copied the following from the
starter kit/server/jbpm/conf/login-config.xml

e.g. Edit $jboss/server/messaging/conf/login-config.xml

  |     <application-policy name = "other">
  |        <!-- A simple server login module, which can be used when the number 
  |        of users is relatively small. It uses two properties files:
  |        users.properties, which holds users (key) and their password (value).
  |        roles.properties, which holds users (key) and a comma-separated list of
  |        their roles (value).
  |        The unauthenticatedIdentity property defines the name of the principal
  |        that will be used when a null username and password are presented as is
  |        the case for an unuathenticated web client or MDB. If you want to
  |        allow such users to be authenticated add the property, e.g.,
  |        unauthenticatedIdentity="nobody"
  |        -->
  | 
  | <!-- RUSSELL added this to match the jbpm server config given. Changed JbpmDS to DefaultDS so we can see stuff.-->
  |        <authentication>
  |          <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
  |                        flag="required">
  |            <module-option name="dsJndiName">java:/DefaultDS</module-option>
  |            <module-option name="principalsQuery">
  |              SELECT PASSWORD_ FROM JBPM_ID_USER WHERE NAME_=?
  |            </module-option>
  |            <module-option name="rolesQuery">
  |              SELECT g.NAME_ ,'Roles' 
  |              FROM JBPM_ID_USER u,
  |                   JBPM_ID_MEMBERSHIP m,
  |                   JBPM_ID_GROUP g
  |              WHERE g.TYPE_='security-role'
  |                AND m.GROUP_ = g.ID_
  |                AND m.USER_ = u.ID_
  |                AND u.NAME_=?
  |            </module-option>
  |          </login-module>
  |        </authentication>
  |     </application-policy>
  | 
You may want to leave your datasource at JbpmDS assuming step 2.
5. Deploy the ear cp jbpm-enterprise.ear $jboss/server/messaging/deploy
Should now be able to hit http://localhost:8080/jbpm-console

Depends on versions but you might also look at this posting for hints
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4003457#4003457


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4011941#4011941

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4011941

More information about the jboss-user mailing list