-
1. Re: HTTP Status 403 - Access to the requested resource has b
kukeltje Mar 27, 2008 3:38 AM (in response to jdriver)could be that there is a security constraint in the web.xml. by default jbpm does not have that but it might be put in there for some reason.
btw, what is the url u are using? -
2. Re: HTTP Status 403 - Access to the requested resource has b
sdickerson.perse Mar 27, 2008 8:05 AM (in response to jdriver)The problem is that the users the book has you add do not have a "security-role" association. Here's what you can do to resolve this problem:
Insert a row in the JBPM_ID_MEMBERSHIP table for each new user to associate the user with one of the security-roles (manager, participant or administrator...or you can keep it simple and just make them all participants).
Explode the jbpm-console.war file in a temporary location. Edit the web.xml file so that the security-role section looks like this:<!-- This role list should be changed to include all the relevant roles for your environment. --> <security-role> <role-name>admin</role-name> </security-role> <security-role> <role-name>user</role-name> </security-role> <security-role> <role-name>manager</role-name> </security-role> <security-role> <role-name>participant</role-name> </security-role> <security-role> <role-name>administrator</role-name> </security-role>
Now, just zip up the war file again (if you use a zip program be sure to change to file extension to 'war').
And redeploy jbpm-console.war.
Let me know if you have any trouble with these instructions and I'll be glad to elaborate on them.
Scott -
3. Re: HTTP Status 403 - Access to the requested resource has b
jdriver Mar 27, 2008 4:32 PM (in response to jdriver)Thanks for the suggestions.
I tried these suggestions but still have the same issue. I added these roles to the web.xml since only admin was present initially and redeployed the war file. I checked this several times and it seems to be OK now.
The URL I am hitting is the one they tell you to use in the book:
http://localhost:8080/jbpm-console
When I go there I see the following sample users listed next to the credentials input fields :
user name_____________password_____________ group
manager **************manager ***********user,manager,admin
-----------------------------------------------------------------------
user ****************** user **************user
-------------------------------------------------------------------
shipper ***************shipper ************** user
-----------------------------------------------------------------
admin ***************admin***************user,admin
I tried adding powellb into the manager and admin groups. He was already in the participants group via the SQL script from the book.
The following security constraint is present in the web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/sa/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
I can login ok as manager/manager and admin/admin. These credentials allow me to login and view all the deployed processes, tokens, tasks,etc so I believe the JPBM process deployed. when I changed the role-name above from "user" to "powellb" then couldn't log in as manager anymore, so changed that back. My assumption is that powellb should take me to the form for swimlane"Talent scout", but the url I am redirected towards is http://localhost:8080/jbpm-console/sa/processes.jsf
In the book the URL seems to be
http://localhost:8080/jbpm-console/search/tasks.jsf
but after logging in as manager/manager I put that URL in the browser and get:
HTTP Status 404 - /jbpm-console/search/tasks.jsf -
4. Re: HTTP Status 403 - Access to the requested resource has b
sdickerson.perse Mar 28, 2008 8:04 AM (in response to jdriver)Oops. I left out this change in web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/sa/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
<role-name>manager</role-name>
<role-name>admin</role-name>
<role-name>participant</role-name>
<role-name>administrator</role-name>
</auth-constraint>
</security-constraint>
See if that helps.
Scott -
5. Re: HTTP Status 403 - Access to the requested resource has b
sdickerson.perse Mar 28, 2008 8:29 AM (in response to jdriver)I think that URL should be /sa/tasks.jsf.
You can post errata you find on the book's support site. -
6. Re: HTTP Status 403 - Access to the requested resource has b
jdriver Apr 1, 2008 1:56 PM (in response to jdriver)Those last changes to the web.xml caused the login to start working fopr powellb.
The jbpm console has changed alot since the publication of this book less than one year ago. This helps me get farther now.
Thanks!