Thanks a lot. You basically anwsered my question.
I reviewed the bpm_orchestration3 sample included in jbossesb-server-4.2.1GA\samples\quickstarts. This sample is just one process that has 3 nodes, but its design is similar to what you described.
What I really need to confirm is:
Is it possible that without any other external actionhadler or MDB, only processA and processB, can they achieve this effect? I mean, can the nodes alone in the BPM process definition achieve the function of posting message or being invoked by message?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4147904#4147904
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4147904
I have read all of the Security FAQ, several times, to no avail.
Q3: "This also needs to be explained more..." I'd agree. And what does "propagating to the called component" even mean in the security context? It could fail for multiple reasons. It should be clarified.
Q7: followup Q, what does "user has authenticated to the container" mean?!
Q10: as mentioned, I'm setting the information into the InitialContext correctly, because I can use the org.jboss.security.auth.spi.UsersRolesLoginModule
Q4: I've updated my log4j config file as mentioned and don't see any extra logging, is there something additional I need to configure?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4147896#4147896
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4147896
After a lot of debugging, taking source from the JBoss repo and stepping through it, I noticed that the role 'User' was also added to role set of the users, via the standard non-LDAP IdentityLoginModule.
Adding this as a group in SBS AD and adding it to the user allowed the portal to work. Also, adding Admin worked as you would expect.
I suspect a lot of people have fallen into this trap considering the 403 errors I've seen in the forums.
It might be worth updating the specs to ensure people add these roles to their user's role sets, not just 'Authenticated'.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4147884#4147884
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4147884