[jboss-dev-forums] [Design of JBoss jBPM] - Re: Identity management docs
tom.baeyens@jboss.com
do-not-reply at jboss.com
Mon Feb 4 04:58:56 EST 2008
"Who's maintaining that code?"
that would be me, i guess :-)
the jbpm identity component is pretty straight forward. there are 3 main classes User, Group and Membership. These are mapped to the database to 3 tables.
in module jbpm.3/jboss/configuration, there are (per AS version) a number of configuration files. in the login-config.xml there is the declaration of the jbpm security domain. it is a database login module that checks the user name and password in the database. it also extracts the roles from the DB tables as follows:
<application-policy name = "jbpm">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag="required">
| <module-option name="dsJndiName">java:/JbpmDS</module-option>
| <module-option name="principalsQuery">
| SELECT PASSWORD_ FROM JBPM_ID_USER WHERE NAME_=?
| </module-option>
| <module-option name="rolesQuery">
| SELECT g.NAME_ ,'Roles'
| FROM JBPM_ID_USER u,
| JBPM_ID_MEMBERSHIP m,
| JBPM_ID_GROUP g
| WHERE g.TYPE_='security-role'
| AND m.GROUP_ = g.ID_
| AND m.USER_ = u.ID_
| AND u.NAME_=?
| </module-option>
| </login-module>
| </authentication>
| </application-policy>
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4126056#4126056
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4126056
More information about the jboss-dev-forums
mailing list