I think there is another JIRA (that is closed for 5.6.x) that fixed the same problem.Any help cross-referencing and closing duplicates appreciated :)_______________________________________________
On 15 May 2013 13:49, Stephen Masters <stephen.masters@me.com> wrote:That's great news. Sounds like a simple enough workaround.If you have an account on there, it would probably be a good idea to write the workaround into a comment on the Jira issue, so that future victims are able to fix their build quickly.SteveOn 15 May 2013, at 13:28, Zahid Ahmed <zahid.ahmed@emirates.com> wrote:_______________________________________________Hi Steve,Thanks for replying promptly. I have fixed this issue by replacing the following jars in guvnor.war. I debugged the guvnor code and found out that username is null in org.jboss.seam.security.IdentityImpl..activeAuthenticator. This is a JAAS Authenticator in which user is coming null. I found it out in IdentityImpl.postAuthenticate() method.1. seam-security-3.1.0.Final.jar with seam-security-3.2.0.Final.jarand2. seam-security-api-3.1.0.Final.jar with seam-security-api-3.2.0.Final.jarIt worked with all the below configurations. I have created a number of users and they are getting authenticated. But, all the users are logged in with admin rights. I have two users which have “package.developer” rights but still those users can update any process in other packages. Even those users can update their own user permissions.Regards,Zahid AhmedFrom: rules-users-bounces@lists.jboss.org [mailto:rules-users-bounces@lists.jboss.org] On Behalf Of Stephen Masters
Sent: 15 May 2013 13:01
To: Rules Users List
Subject: Re: [rules-users] Error : JAAS Authentication with Guvnor 5.5.0 and Authorization ErrorI think you may have hit this bug:I think it might be a duplicate of another, which I cant find. At root that was a Seam JAAS bug (5.5 introduced Guvnor to Seam 3), which prevented it from creating a security context. I'm not sure whether any solution was established though.SteveOn 15 May 2013, at 09:27, Zahid Ahmed <zahid.ahmed@emirates.com> wrote:Hi,I have run into a set of errors configuring JAAS Authentication for Guvnor. I have searched a lot on jboss community and for all the solutions nothing is working for me. I am getting either the login popup or I am getting “This User has no permissions setup”. The Guvnor Manual is referring to jboss eap 5 and I am trying to do this on Jboss AS 7.1.Note : I am unable to find login-config.xml file mentioned in the following link.http://docs.jboss.org/drools/release/5.5.0.Final/drools-guvnor-docs/html/ch14.html . Is guvnor deployment targeted only for JBOSS EAP 5.0 ?Environment:1. Guvnor 5.5.0.Final2. JBOSS AS 7.1.0Files Configured (Only these files I configured):1. Standalone.xml2. Guvnor.war/WEB-INF/beans.xml3. Created users using “add-user.sh”4. standalone/configuration/application-users.properties (attached).5. standalone/configuration/application-roles.properties (attached)6. standalone/configuration/management-users.propertiesConfigurationsStandalone.xml :Only configured below tags. There’s nothing else I changed for the purpose of JAAS Authentication and Guvnor Authorization. Added <security-domain name="drools-guvnor" cache-type="default"> to check if “other” is not working.<security-domain name="other" cache-type="default"><authentication><login-module code="Remoting" flag="optional"><module-option name="password-stacking" value="useFirstPass"/></login-module><login-module code="RealmUsersRoles" flag="required"><module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/><module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/><module-option name="realm" value="ApplicationRealm"/><module-option name="password-stacking" value="useFirstPass"/></login-module></authentication></security-domain><security-domain name="drools-guvnor" cache-type="default"><authentication><login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"><module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/><module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/><module-option name="realm" value="ApplicationRealm"/><module-option name="password-stacking" value="useFirstPass"/></login-module></authentication></security-domain>Drools-guvnor.war.1. beans.xml (Tried 4 different configs as suggested on community)a. Config 1 (Attached “Config1 beans.xml” and Config1 error.txt) . Error “This User has no permission setup”.<security:IdentityImpl><s:modifies/><!-- JAAS based authentication --><security:authenticatorName>jaasAuthenticator</security:authenticatorName></security:IdentityImpl><security:jaas.JaasAuthenticator><s:modifies/><jaasConfigName>other</jaasConfigName></security:jaas.JaasAuthenticator><!-- SECURITY AUTHORIZATION CONFIGURATION --><!--This is used to enable or disable role-based authorization. By default it is disabled.--><guvnorSecurity:RoleBasedPermissionResolver><s:modifies/><guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization></guvnorSecurity:RoleBasedPermissionResolver>b. Config 2 (Attached “Config2 beans.xml” and Config2 error.txt). Error “This User has no permission setup”.<security:IdentityImpl><s:modifies/><!-- JAAS based authentication --><security:authenticatorName>jaasAuthenticator</security:authenticatorName></security:IdentityImpl><security:jaas.JaasAuthenticator><s:modifies/><security:jaasConfigName>drools-guvnor</security:jaasConfigName></security:jaas.JaasAuthenticator><!-- SECURITY AUTHORIZATION CONFIGURATION --><!--This is used to enable or disable role-based authorization. By default it is disabled.--><guvnorSecurity:RoleBasedPermissionResolver><s:modifies/><guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization></guvnorSecurity:RoleBasedPermissionResolver>c. Config 3 (Attached “Config3 beans.xml” and Config1 error.txt). Error (Same error as of Config 1) “This User has no permission setup”.<security:IdentityImpl><s:modifies/><!-- JAAS based authentication --><security:authenticatorName>jaasAuthenticator</security:authenticatorName></security:IdentityImpl><security:jaas.JaasAuthenticator><s:modifies/><jaasConfigName>other</jaasConfigName></security:jaas.JaasAuthenticator><guvnorSecurity:RoleBasedPermissionResolver><s:modifies/><guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization></guvnorSecurity:RoleBasedPermissionResolver><component name="org.jboss.seam.security.roleBasedPermissionResolver"><s:modifies/><property name="enableRoleBasedAuthorization">true</property></component>I HAVE ALSO ADDED THIS COMPONENT TAG found every where on forums to resolve this issue. I tried Tried without this also but at that time I get LOGIN screen which always says Incorrect User/Password.Is this required or <guvnorSecurity:RoleBasedPermissionResolver> is the only authorization config.<component name="org.jboss.seam.security.roleBasedPermissionResolver">;<s:modifies/><property name="enableRoleBasedAuthorization">true</property></component>Kindly help me in this configuration. I can’t find a single authentic document for my environment.Regards,Zahid<standalone.xml><Guvnor User Permission tab.png><application-roles.properties><application-users.properties><mgmt-users.properties><Config1 beans.xml><Config1 error.txt><Config2 beans.xml><Config2 error.txt><Config3 beans.xml><Config3 error.txt>_______________________________________________
rules-users mailing list
rules-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/rules-users
rules-users mailing list
rules-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/rules-users
_______________________________________________
rules-users mailing list
rules-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/rules-users
rules-users mailing list
rules-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/rules-users