Karel Suta commented on DROOLS-1040:
------------------------------------
fixed and merged into master and 6.4.x
Kie server on Tomcat with JACCValve fails authorisation
-------------------------------------------------------
Key: DROOLS-1040
URL: https://issues.jboss.org/browse/DROOLS-1040
Project: Drools
Issue Type: Bug
Components: kie server
Affects Versions: 6.4.0.Beta1
Environment: Tomcat
Kie server 6.4.0-SNAPSHOT
Reporter: Karel Suta
Assignee: Karel Suta
Priority: Minor
Labels: reported-by-qe
Fix For: 6.4.0.CR1
When Kie server is run on a Tomcat container with org.kie.integration.tomcat.JACCValve
configured, JBPM operations which need authorisation invoked on Kie server fail with:
"User '[UserImpl:'Roles']' does not have permissions to execute operation...".
The error happens only with JACCValve, which is used for Workbench, so this isn't a
critical issue.
The issue is caused by JACCValve, which registers a PolicyContextHandler with a Subject
returning 2 principals in a HashSet: one principal represents the user, the second
represents its roles.
JACCIdentityProvider in Kie server, in method getName(), returns the first principal
which it finds in the Subject; if that is the roles principal, then "Roles" is returned
as the user name, which is wrong.
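
The principal-selection problem described in this report, as an added example (not code from Drools, Kie server or the JACCValve): it contrasts taking the first principal from a Subject with selecting by principal type. The UserPrincipal and RolesPrincipal types, the "unknown" fallback, and the sample user and role names are assumptions constructed for the illustration.

```java
import java.security.Principal;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.security.auth.Subject;

public class PrincipalSelectionDemo {
    // Hypothetical principal types standing in for the two principals
    // the report says the valve places in the Subject.
    record UserPrincipal(String name) implements Principal {
        public String getName() { return name; }
    }
    record RolesPrincipal(Set<String> roles) implements Principal {
        public String getName() { return "Roles"; }
    }

    // Behaviour described in the report: whichever principal the set
    // yields first is treated as the user. Set order is not a contract,
    // so the identity used for authorisation depends on iteration order.
    static String firstPrincipalName(Subject subject) {
        Iterator<Principal> it = subject.getPrincipals().iterator();
        return it.hasNext() ? it.next().getName() : "unknown";
    }

    // Type-aware selection: only a user principal may supply the user
    // name, so the roles container can never be mistaken for the user.
    static String userPrincipalName(Subject subject) {
        return subject.getPrincipals(UserPrincipal.class).stream()
                .map(UserPrincipal::getName)
                .findFirst()
                .orElse("unknown"); // hypothetical fallback
    }

    public static void main(String[] args) {
        // Constructed input: roles principal deliberately placed first
        // to reproduce the ordering that triggers the failure.
        Set<Principal> principals = new LinkedHashSet<>();
        principals.add(new RolesPrincipal(Set.of("kie-server")));
        principals.add(new UserPrincipal("alice"));
        Subject subject = new Subject(true, principals, Set.of(), Set.of());

        System.out.println("first principal: " + firstPrincipalName(subject));
        System.out.println("user principal:  " + userPrincipalName(subject));
    }
}
```

With the roles principal first, the order-dependent lookup reports the roles container's name as the user, which matches the "UserImpl:'Roles'" identity in the error message above.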