[jboss-jira] [JBoss JIRA] (DROOLS-1040) Kie server on Tomcat with JACCValve fails authorisation

Karel Suta (JIRA) issues at jboss.org
Mon Jan 25 08:22:00 EST 2016


Karel Suta created DROOLS-1040:
----------------------------------

             Summary: Kie server on Tomcat with JACCValve fails authorisation
                 Key: DROOLS-1040
                 URL: https://issues.jboss.org/browse/DROOLS-1040
             Project: Drools
          Issue Type: Bug
          Components: kie server
    Affects Versions: 6.4.0.Beta1
         Environment: Tomcat
                      Kie server 6.4.0-SNAPSHOT
            Reporter: Karel Suta
            Assignee: Karel Suta
            Priority: Minor


When Kie server is run on a Tomcat container with org.kie.integration.tomcat.JACCValve configured, JBPM operations that need authorisation and are invoked on Kie server fail with:
"User '[UserImpl:'Roles']' does not have permissions to execute operation...".

The error happens only with JACCValve, which is used for Workbench, so this isn't a critical issue.

The issue is caused by JACCValve, which registers a PolicyContextHandler with a Subject returning 2 principals in a HashSet: one principal represents the user, the second represents its roles.
JACCIdentityProvider in Kie server, in its getName() method, returns the first principal it finds in the Subject; if that is the roles principal, "Roles" is returned as the user name, which is wrong.



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
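
The principal-selection problem described in the report, as an added example that is not code from Kie server or JACCValve. `UserPrincipal` and `RolesPrincipal` are hypothetical stand-ins for the two principals in the Subject, and selecting by type is one possible way to avoid the ambiguity, not the project's fix.

```java
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;

public class SubjectNameDemo {
    // Hypothetical principal types standing in for the two entries the report describes.
    static final class UserPrincipal implements Principal {
        private final String name;
        UserPrincipal(String name) { this.name = name; }
        public String getName() { return name; }
    }
    static final class RolesPrincipal implements Principal {
        final Set<String> roles;
        RolesPrincipal(String... roles) { this.roles = new HashSet<>(Arrays.asList(roles)); }
        public String getName() { return "Roles"; }
    }

    // Behaviour described in the report: take whichever principal iteration yields first.
    static String firstPrincipalName(Subject s) {
        Iterator<Principal> it = s.getPrincipals().iterator();
        return it.hasNext() ? it.next().getName() : null;
    }

    // Select by type, so set ordering cannot turn the roles holder into the user name.
    // Fails closed when the Subject does not carry exactly one user principal.
    static String userName(Subject s) {
        Set<UserPrincipal> users = s.getPrincipals(UserPrincipal.class);
        if (users.size() != 1) {
            throw new SecurityException("expected exactly one user principal, found " + users.size());
        }
        return users.iterator().next().getName();
    }

    public static void main(String[] args) {
        // Constructed sample: one user principal and one roles principal in a HashSet.
        Set<Principal> principals = new HashSet<>();
        principals.add(new RolesPrincipal("kie-server", "user"));
        principals.add(new UserPrincipal("alice"));
        Subject subject = new Subject(true, principals, Collections.emptySet(), Collections.emptySet());

        // Which name the first call returns depends on HashSet iteration order.
        System.out.println("first principal: " + firstPrincipalName(subject));
        System.out.println("typed lookup:    " + userName(subject));
    }
}
```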

