Re: [rules-users] Error : JAAS Authentication with Guvnor 5.5.0 and Authorization Error

Hi, I have run into a set of errors configuring JAAS Authentication for Guvnor. I have searched a lot on jboss community and for all the solutions nothing is working for me. I am getting either the login popup or I am getting “This User has no permissions setup”. The Guvnor Manual is referring to jboss eap 5 and I am trying to do this on Jboss AS 7.1. Note : I am unable to find login-config.xml file mentioned in the following link.http://docs.jboss.org/drools/release/5.5.0.Final/drools-guvnor-docs/... . Is guvnor deployment targeted only for JBOSS EAP 5.0 ? Environment: 1. Guvnor 5.5.0.Final 2. JBOSS AS 7.1.0 Files Configured (Only these files I configured): 1. Standalone.xml 2. Guvnor.war/WEB-INF/beans.xml 3. Created users using “add-user.sh” 4. standalone/configuration/application-users.properties (attached). 5. standalone/configuration/application-roles.properties (attached) 6. standalone/configuration/management-users.properties Configurations Standalone.xml : Only configured below tags. There’s nothing else I changed for the purpose of JAAS Authentication and Guvnor Authorization. Added <security-domain name="drools-guvnor" cache-type="default"> to check if “other” is not working. <security-domain name="other" cache-type="default"> <authentication> <login-module code="Remoting" flag="optional"> <module-option name="password-stacking" value="useFirstPass"/> </login-module> <login-module code="RealmUsersRoles" flag="required"> <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/> <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/> <module-option name="realm" value="ApplicationRealm"/> <module-option name="password-stacking" value="useFirstPass"/> </login-module> </authentication> </security-domain> <security-domain name="drools-guvnor" cache-type="default"> <authentication> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/> <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/> <module-option name="realm" value="ApplicationRealm"/> <module-option name="password-stacking" value="useFirstPass"/> </login-module> </authentication> </security-domain> Drools-guvnor.war. 1. beans.xml (Tried 4 different configs as suggested on community) a. Config 1 (Attached “Config1 beans.xml” and Config1 error.txt) . Error “This User has no permission setup”. <security:IdentityImpl> <s:modifies/> <!-- JAAS based authentication --> <security:authenticatorName>jaasAuthenticator</security:authenticatorName> </security:IdentityImpl> <security:jaas.JaasAuthenticator> <s:modifies/> <jaasConfigName>other</jaasConfigName> </security:jaas.JaasAuthenticator> <!-- SECURITY AUTHORIZATION CONFIGURATION --> <!-- This is used to enable or disable role-based authorization. By default it is disabled. --> <guvnorSecurity:RoleBasedPermissionResolver> <s:modifies/> <guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization> </guvnorSecurity:RoleBasedPermissionResolver> b. Config 2 (Attached “Config2 beans.xml” and Config2 error.txt). Error “This User has no permission setup”. <security:IdentityImpl> <s:modifies/> <!-- JAAS based authentication --> <security:authenticatorName>jaasAuthenticator</security:authenticatorName> </security:IdentityImpl> <security:jaas.JaasAuthenticator> <s:modifies/> <security:jaasConfigName>drools-guvnor</security:jaasConfigName> </security:jaas.JaasAuthenticator> <!-- SECURITY AUTHORIZATION CONFIGURATION --> <!-- This is used to enable or disable role-based authorization. By default it is disabled. --> <guvnorSecurity:RoleBasedPermissionResolver> <s:modifies/> <guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization> </guvnorSecurity:RoleBasedPermissionResolver> c. Config 3 (Attached “Config3 beans.xml” and Config1 error.txt). Error (Same error as of Config 1) “This User has no permission setup”. <security:IdentityImpl> <s:modifies/> <!-- JAAS based authentication --> <security:authenticatorName>jaasAuthenticator</security:authenticatorName> </security:IdentityImpl> <security:jaas.JaasAuthenticator> <s:modifies/> <jaasConfigName>other</jaasConfigName> </security:jaas.JaasAuthenticator> <guvnorSecurity:RoleBasedPermissionResolver> <s:modifies/> <guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization> </guvnorSecurity:RoleBasedPermissionResolver> <component name="org.jboss.seam.security.roleBasedPermissionResolver"> <s:modifies/> <property name="enableRoleBasedAuthorization">true</property> </component> I HAVE ALSO ADDED THIS COMPONENT TAG found every where on forums to resolve this issue. I tried Tried without this also but at that time I get LOGIN screen which always says Incorrect User/Password.Is this required or <guvnorSecurity:RoleBasedPermissionResolver> is the only authorization config. <component name="org.jboss.seam.security.roleBasedPermissionResolver">; <s:modifies/> <property name="enableRoleBasedAuthorization">true</property> </component> Kindly help me in this configuration. I can’t find a single authentic document for my environment. Regards, Zahid <standalone.xml><Guvnor User Permission tab.png><application-roles.properties><application-users.properties><mgmt-users.properties><Config1 beans.xml><Config1 error.txt><Config2 beans.xml><Config2 error.txt><Config3 beans.xml><Config3 error.txt>_______________________________________________ rules-users mailing list rules-users(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/rules-users