[jboss-user] [JBoss jBPM] - Re: Switching the Database Backend and jBPM 3.2.3

danrowley do-not-reply at jboss.com
Tue Oct 7 21:58:46 EDT 2008

Thank you for your time, kukeltje; I ended up using pages 68-71 of the Business Processing Modelling using jBPM 3.2.2 Guide, available via those links that you had provided. I am currently migrating jBPM to a PostgreSQL database, and have made some clarifications to the Guide, which I'll make available on the wiki once I organise access to it; I'm pretty sure that migrating jBPM to a database other than the in-built one (Hypersonic) is a pretty common task.

One thing that wasn't too clear, and something I believe is preventing a log in to the jBPM-console using the new database, is how to populate the JBPM_ID_GROUP, JBPM_ID_USER, and JBPM_MEMBERSHIP tables (logically, not technically). From what I understand, a user who wants to, at least, log into the console needs, at least, a 'user' role. While I understand the (primary key-foreign key) relationships between the tables, it was unclear to me as to:

- the purpose of the TYPE_ field of the JBPM_ID_GROUP.

Any chance you could make clear as to whether or not values in that table field could be preventing valid logins to the console?

I understand that one of the steps involved in migrating jBPM to another database, involves editing the <application-policy> of the login-config.xml (found in <JBPM_JPDL_HOME>/server/server/jbpm/conf/). Instructions for that step read:

"... So before creating a datasource make sure that the datasource has been deployed on the server and the jndi has got registered to the server and is specified appropriately with the login-config.xml Otherwise most of the time a login violation occurs at the jBPM console due to inappropriate jndi specification."

Am I correct in understanding that to mean that my new database should be up and running on the server, before I mess around with login-config.xml? I have a feeling I've misinterpreted that instruction.

Below is a quotation of my login-config.xml. 

Any help you could provide, would be much appreciated.

anonymous wrote : 
  | <application-policy name = "jbpm">
  |          <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
  |                        flag="required">
  |            <module-option name="dsJndiName">java:/JbpmDSpostgresql</module-option>
  |            <module-option name="principalsQuery">
  |            </module-option>
  |            <module-option name="rolesQuery">
  |              SELECT g.NAME_ ,'Roles' 
  |              FROM JBPM_ID_USER u,
  |                   JBPM_ID_MEMBERSHIP m,
  |                   JBPM_ID_GROUP g
  |              WHERE g.TYPE_='security-role'
  |                AND m.GROUP_ = g.ID_
  |                AND m.USER_ = u.ID_
  |                AND u.NAME_=?
  |            </module-option>
  |          </login-module>
  |     </application-policy>

Kindest regards,

Dan Rowley

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4180910#4180910

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4180910

More information about the jboss-user mailing list