10 Replies Latest reply on Sep 20, 2012 6:52 PM by rangoo

    jBPM4.3 on Weblogic 9.2

    abhishek.chikane

      Hi,

       

      I am installing jBPM 4.3 on Weblogic 9.2. I followed falling steps.

       

      1) Added all the jars (78 jars from jBPM  lib directory) on Weblogic classpath.

      2) Added the  jbpm.hibernate.cfg.xml, jbpm.cfg.xml, logging.properties inside my application. (Put on classpath)

      3) Here are the xml files details,

          jbpm.hibernate.cfg.xml

           <hibernate-configuration>
           <session-factory>   
              <property  name="connection.datasource">JbpmDS</property>
               <property name="jndi.url">t3://localhost:7001</property>
                <property  name="jndi.class">weblogic.jndi.WLInitialContextFactory</property>
                <property  name="dialect">org.hibernate.dialect.OracleDialect</property>
                <property name="show_sql">false</property>
               <property  name="hibernate.transaction.factory_class">org.hibernate.transaction.JTATransactionFactory</property>
                <property  name="hibernate.transaction.manager_lookup_class">org.hibernate.transaction.WeblogicTransactionManagerLookup</property>
                <property  name="hibernate.transaction.factory_class">org.hibernate.transaction.CMTTransactionFactory</property>
               
              <mapping resource="jbpm.repository.hbm.xml" />
                <mapping resource="jbpm.execution.hbm.xml" />
               <mapping resource="jbpm.history.hbm.xml" />
               <mapping resource="jbpm.task.hbm.xml" />
              <mapping  resource="jbpm.identity.hbm.xml" />

       

           </session-factory>
      </hibernate-configuration>

       

            jbpm.cfg.xml

           <jbpm-configuration>
           <import resource="jbpm.default.cfg.xml"/>
          <import  resource="jbpm.tx.hibernate.cfg.xml"/>
          <import  resource="jbpm.tx.jta.cfg.xml" />
          <import  resource="jbpm.jpdl.cfg.xml"/>
          <import  resource="jbpm.businesscalendar.cfg.xml" />
          <import  resource="jbpm.bpmn.cfg.xml" />
          <import  resource="jbpm.identity.cfg.xml" />
          <import  resource="jbpm.jobexecutor.cfg.xml" />
          <import  resource="jbpm.console.cfg.xml" />
      </jbpm-configuration>

       

      4)  Created a server directory and added a Java option -  -Dorg.jbpm.report.engine.dir and copied the unzipped report zip file and  jbpm reports jar file  to that directory.

      5) Created datasource  named JbpmDS and created all the tables(Oracle db).

       

       

      The  deployment works fine without error. But now I am facing two problems.

      1)  The jbpm console did not allow to login. Authentication failure on weblogic error. I have following entries into tables.

           JBPM4_ID_USER

            1    0    abhishek    abhishek    Abhishek    Chikane     achikane@ccrn.com

       

           JBPM4_ID_GROUP

            1    0    administrator    administrator    security-role      

       

          JBPM4_ID_MEMBERSHIP

           1    0    1    1 

       

            Also I have got this notice in weblogic log.

           <Jun 1,  2010 1:03:34 AM IST> <Notice> <Security>  <BEA-090078> <User abhishek in security realm myrealm has had 5  invalid login attempts, locking account for 30 minutes.>

       

      I  haven't created any user on weblogic. Is it due to the role type  (security-role)? Can you please help to resolve this issue?

       

      2)  When I try to run the process I got this exception.

       

      org.hibernate.TransactionException: Could not register synchronization for container transaction
           at org.hibernate.transaction.CMTTransaction.begin(CMTTransaction.java:76)
           at org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1353)
           at org.jbpm.pvm.internal.tx.HibernateSessionResource.(HibernateSessionResource.java:44)
           at org.jbpm.pvm.internal.wire.descriptor.HibernateSessionDescriptor.construct(HibernateSessionDescriptor.java:87)
           at org.jbpm.pvm.internal.wire.WireContext.construct(WireContext.java:469)
           at org.jbpm.pvm.internal.wire.WireContext.create(WireContext.java:448)
           at org.jbpm.pvm.internal.wire.WireContext.create(WireContext.java:437)

       

      Can anybody verify and give me tips why this error is occurring?

        • 1. Re: jBPM4.3 on Weblogic 9.2
          rebody

          Hi Abhishek,

           

          Please don't use duplicated jbpm.tx.***.cfg.xml at the same time.  If you want to run jbpm4 in the jta environment, you should delete jbpm.tx.hibernate.cfg.xml.

           

          But here is still a possible bug for jta configuration, so if you meet an exception like 'cannot lookup UserTransaction from jndi', please refer this issue.

           

          https://jira.jboss.org/browse/JBPM-2694

           

          Matin has already provide a patch for this scenario,  but I am not familiar with weblogic, so I can't tell you whether it will effect your work.  And good luck.

          • 2. Re: jBPM4.3 on Weblogic 9.2
            swiderski.maciej

            You need to create/configure login module that will authenticate you towards jBPM data base or any other authentication store of your choice. If you select option two, you should provide custom identity service implementation too to inform jBPM runtime how to fetch user and group information.

             

            HTH

            • 3. Re: jBPM4.3 on Weblogic 9.2
              abhishek.chikane

              Hi,

               

              I solved the problem by removing the jta*** tag. The exception was removed when I used,

              <property name="hibernate.transaction.manager_lookup_class">

                   org.hibernate.transaction.WeblogicTransactionManagerLookup

              </property>

              instead of

              <property name="hibernate.transaction.factory_class">

                   org.hibernate.transaction.CMTTransactionFactory

              </property>

              in jbpm.hibernate***.xml.

               

              Thanks alot for the help. :-)

              • 4. Re: jBPM4.3 on Weblogic 9.2
                abhishek.chikane

                Hi,

                 

                I am still stuck with the authentication stuff. Is there any document to understand how authentication works? Or the actual code (Class name and how to find it?).

                 

                I am now trying to map the jboss-service.xml with the weblogic security stuff. Can you please help? Actually it is taking time because I am new to the Jboss and Weblogic security mechanism. Any reference would work.

                 

                I think this whole,

                 

                <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" name="org.jbpm:service=LoginConfig">
                    <attribute name="PolicyConfig" serialDataType="jbxb">
                      <jaas:policy xsi:schemaLocation="urn:jboss:security-config:4.1 resource:security-config_4_1.xsd" xmlns:jaas="urn:jboss:security-config:4.1"
                                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                        <jaas:application-policy name="jbpm-console">
                          <jaas:authentication>
                            <!-- Authenticate against the Identiy database -->
                            <jaas:login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
                              <jaas:module-option name="dsJndiName">java:/JbpmDS</jaas:module-option>
                              <jaas:module-option name="principalsQuery"> SELECT PASSWORD_ FROM JBPM4_ID_USER WHERE ID_=? </jaas:module-option>
                              <jaas:module-option name="rolesQuery">
                                SELECT g.NAME_ ,'Roles' FROM JBPM4_ID_USER u, JBPM4_ID_MEMBERSHIP m, JBPM4_ID_GROUP g
                                WHERE g.TYPE_='security-role' AND m.GROUP_ = g.DBID_ AND m.USER_ = u.DBID_ AND u.ID_=? </jaas:module-option>
                            </jaas:login-module>
                          </jaas:authentication>
                        </jaas:application-policy>
                      </jaas:policy>
                    </attribute>
                    <depends optional-attribute-name="LoginConfigService"> jboss.security:service=XMLLoginConfig</depends>
                    <depends optional-attribute-name="SecurityManagerService"> jboss.security:service=JaasSecurityManager</depends>
                  </mbean>

                 

                part should be mapped with weblogic specific settings.

                 

                I am now reading the weblogic security basics. Lets see till that time I can find the way to replicate the things on weblogic.

                • 5. Re: jBPM4.3 on Weblogic 9.2
                  swiderski.maciej

                  I am not aware of weblogic security configuration but I guess that start point for should be get through documentation about JAAS and how to write custom login modules.

                  By very brief look at google I found something about weblogic security:

                  http://download.oracle.com/docs/cd/E15051_01/wls/docs103/security/fat_client.html

                   

                  Perhaps it is not exactly what you are looking for ...

                   

                  I could not find any information how to configure data base security realm on Weblogic.

                  • 6. Re: jBPM4.3 on Weblogic 9.2
                    abhishek.chikane

                    Thanks Maciej for the information. I am now going through the Weblogic security configuration.

                     

                    Just one request, can you please confirm that I don't need to make any changes in any one of the console*** wars to configure the security domain. As in the gwt-console-server war the jboss-web.xml has following entry, <security-domain>java:/jaas/jbpm-console</security-domain>.

                     

                    Do I need to make such entry in weblogic deployment descriptor? Or just the security setup will do?

                    • 7. Re: jBPM4.3 on Weblogic 9.2
                      swiderski.maciej

                      I would say that you don't need to modify any of the web applications but I am not security expert especially in Weblogic.

                      • 8. Re: jBPM4.3 on Weblogic 9.2
                        abhishek.chikane

                        I successfully configured the Security Setup on Weblogic 9.2. I will provide the details in the final wiki page on How to configure jBPM on Weblogic. I am still facing some issues. I have posted another issue regarding report. This is just FYI on this issue.

                        • 9. Re: jBPM4.3 on Weblogic 9.2
                          abhishek.chikane

                          Finally I managed to put all the pieces together and got the jBPM installation done on Weblogic.

                           

                          Please refer to this article.

                          http://community.jboss.org/wiki/jBPMOnWeblogic

                          • 10. Re: jBPM4.3 on Weblogic 9.2
                            rangoo

                            why is http://community.jboss.org/wiki/jBPMOnWeblogic   blocked?  Is there a different link for this article?