Hi,
 
Just to add on some information.
 
I have tried to do the following and had the following findings.
 
on the gwt-console-server-drools.war, I have extracted and remove ChangeSet.xml from drools-gwt-console-5.1.0.jar onto the classpath.
Thus, allow me to change the <resource> element's attributes value for testing.
 
1) I found that by changing the attributes username="admin" password="admin" will allow me to view/unview the processes depending on my password is set correctly.
Thus, does it means that from Drools Flow console will always list the process in the particular package using the particular user.
How can I change this to allow Drools Flow console to tie to the view to the user logged in and in whichever package he has rights to?
 
2) And, also by accessing http://localhost:8080/drools-guvnor/org.drools.guvnor.Guvnor/webdav/packages/defaultPackage from windows explorer using "john" as login, it is able to list all the resources which I cannot see in Guvnor with the same user login.
Thus, does it means that I'm able to see the "Evaluation" process when I change the ChangeSet.xml user to "john" is because webdav does not restrict the listing based on role?
Is it possible for "john" who cannot view defaultPackage on Guvnor, not to be able to see the "Evaluation" process on Drools Flow console?
 
Help please.
 
Thanks.
 
 
 
Han Ming
 


 
On Tue, Aug 10, 2010 at 6:28 PM, Han Ming Low <hanming73@gmail.com> wrote:
Hi Kris,
 
Thanks for the reply.
 
Sorry for any confusion.
I found that I'm wrong to say that the process is not showing is due to enabling the role base authorization.
 
I realize that, maybe I'm in a private network, when I first try to access the "Process" view in Drools Flow console which will in turn try to query http://localhost:8080/gwt-console-server/rs/process/definitions, it will take a long time for the server to return the definition, might be because of the xsd at http://anonsvn.jboss.org/repos/labs/labs/jbossrules/trunk/drools-api/src/main/resources/change-set-1.0.0.xsd
After a long wait, when the server return the result for definitions after the first time, I will be able to see the Process.
 
Now, when I try to login to the Drools Flow console by loggin in as "john" which I do not defined any User Permission at Guvnor, I'm still able to see the "Evaluation" process.
 
Is it possible to restrict user "john" not to see the process that he is not "defined" to see.
 
Regarding your suggestion on using changeset.xml, I'm sorry I'm not sure what is required to be done.
I would thought that Drools Flow console is using the guvnor's authenticator because after I change the guvnor-users.properties, say the password for user "admin" is changed to "admin1", I managed to login to Drools Flow console using the new password "admin1".
To me, it means that Drools Flow is actually now using guvnor-users.properties for authentication.
(if I use the old password "admin" will encounter a "Authentication Failed" error)
Just that now my problem is directly opposite to what I thought the problem was first to be.
i.e.
I want the Process not to show when login using "john" but it is showing instead.
 
Sorry for the confusion.
 
Any advice is greatly appreciated.
 
Thanks.
 
 
Han Ming
2010/8/6 Kris Verlaenen <kris.verlaenen@cs.kuleuven.be>

Han Ming,
 
The gwt-console uses the authentication as defined in the ChangeSet.xml inside the drools-gwt-console-{version}.jar in the gwt server war:
 
<resource source='http://localhost:8080/drools-guvnor/org.drools.guvnor.Guvnor/package/defaultPackage/LATEST' type='PKG' basicAuthentication="enabled" username="admin" password="admin" />
 
I guess you could change that or make sure the credential that is specified here works for your configuration, would that help?
 
Kris
 
----- Original Message -----
Sent: Thursday, August 05, 2010 10:28 AM
Subject: [rules-users] Can't see process in gwt-console after changingguvnor to authenticator

Hi,
 
I'm having problems with seeing the process in gwt-console. :p
 
This time the difference is I change the guvnor components.xml authenticator to "other" and role based authorization as "true" and set the login-config.xml authentication to a users.properties
 
The steps and difference in setup I have made is as follows
1) change guvnor and flow persistence to mysql instead of h2
2) Build defaultPackage, ABLE to see process in Drools Flow console
3) Shutdown both human task and jboss
4) Configure role-base authorization and users.properties file authentication
5) Start human.task and jboss
6) Not able to see process in Drools Flow console
7) Rebuild defaultPackage
8) Not able to see process in Drools Flow console
9) Restart both human task and jboss
10) Not able to see process in Drools Flow console
11) Delete process in guvnor and delete archive
12) Copy process from local file system to guvnor through WebDAV
13) Build defaultPackage
14) Not able to see process in Drools Flow console
15) Shutdown both human task and jboss
16) Change login back to defaultAuthenticator.authenticate
17) Start human.task and jboss
18) ABLE to see process again
 
What should I do to allow the process to be seen when other authenticator is used?
Any advice is greatly appreciated.

Thanks.


Han Ming


_______________________________________________
rules-users mailing list
rules-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/rules-users


Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm for more information.

_______________________________________________
rules-users mailing list
rules-users@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/rules-users