João Guerra [https://community.jboss.org/people/ciberg] created the discussion "Using LDAP in 5.4 - How to avoid creating users in organizationalentity table" To view the discussion, visit: https://community.jboss.org/message/796487#796487 -------------------------------------------------------------- Hi, I'm new to jBPM and I hope you can help me on this. I have jBPM 5.4 deployed in my own JBOSS AS 7.1.1 and persisting in postgres. I also have connected to LDAP and I can use the console logging with a LDAP and manage processes. I have a workflow with Human Tasks deployed in Guvnor. The problem is that I'm developing an ESB for a web application to manage the processes and tasks and I can't do anything without creating the users in the organizationalentity table. I don't understand why the console works well with LDAP and my ESB doesn't work. I have made the following to connect to LDAP: - In standalone.xml:     <security-domain name="jbpm-console" cache-type="default">         <authentication>             <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">                 <module-option name="bindDN" value="cn=Manager,dc=develop,dc=com"/>                 <module-option name="bindCredential" value="ldapadmin"/>                 <module-option name="java.naming.provider.url" value="ldap://192.168.1.2"/>                 <module-option name="baseCtxDN" value="ou=Person,dc=develop,dc=com"/>                 <module-option name="baseFilter" value="(uid={0})"/>                 <module-option name="rolesCtxDN" value="ou=Groups,dc=develop,dc=com"/>                 <module-option name="roleFilter" value="(member={1})"/>                 <module-option name="roleAttributeID" value="member"/>                 <module-option name="roleAttributeIsDN" value="true"/>                 <module-option name="roleNameAttributeID" value="CN"/>                 <module-option name="searchScope" value="SUBTREE_SCOPE"/>                 <module-option name="allowEmptyPasswords" value="true"/>             </login-module>             <login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">                 <module-option name="rolesProperties" value="${jboss.server.config.dir}/rolemapping.properties"/>             </login-module>         </authentication>     </security-domain> - File called rolemapping.properties in jboss standalone/configuration folder to map users group to the corresponding role:         Group1=user - File called jbpm.usergroup.callback.properties in WEB-INF/lib of jbpm-human-task.war with:         ldap.bind.user=cn\=Manager,dc\=develop,dc\=com         ldap.bind.pwd=ldapadmin         ldap.user.ctx=ou\=Person,dc\=develop,dc\=com         ldap.role.ctx=ou\=Group1,dc\=develop,dc\=com         #ldap.user.roles.ctx=ou\=Group1,dc\=develop,dc\=com         ldap.user.filter=(uid\={0})         ldap.role.filter=(cn\={0})         ldap.user.roles.filter=(member\={0}) - web.xml in jbpm-human-task.war replacing with:       <init-param>         <param-name>user.group.callback.class</param-name>         <param-value>org.jbpm.task.identity.LDAPUserGroupCallbackImpl</param-value>         </init-param> Thank you for any help you can give me. -------------------------------------------------------------- Reply to this message by going to Community [https://community.jboss.org/message/796487#796487] Start a new discussion in jBPM Development at Community [https://community.jboss.org/choose-container!input.jspa?contentType=1&...]