-
1. Re: Expose Servlet along with JBPM UI How?
swiderski.maciej Jun 3, 2014 1:35 AM (in response to tmcclure0501)as soon as you'll make the URL (your servlet) to be secured behind JEE security and UF security filter then upon successful logon app server will redirect you to requested (and protected) resource. So that means you'll need to add your servlet mapping to both UF security filter and JEE security constraint list and that should to the work.
HTH
-
2. Re: Expose Servlet along with JBPM UI How?
tmcclure0501 Jun 3, 2014 8:49 AM (in response to swiderski.maciej)Maciej,
I did not notice any security constraints being defined in the jboss web.xml - also I notice this being defined:
org.uberfire.auth.force.url
lets us specify the location that UberFire redirects to following a successful authentication (login) attempt.
Does this mean all successful login will be redirected here?
Tim
-
3. Re: Expose Servlet along with JBPM UI How?
tmcclure0501 Jun 3, 2014 8:57 AM (in response to tmcclure0501)Actually I was looking in the jetty web.xml - I see the constraint in the jboss web.xml - I will try modifying it.
Tim
-
4. Re: Expose Servlet along with JBPM UI How?
tmcclure0501 Jun 3, 2014 10:11 AM (in response to tmcclure0501)<init-param>
<param-name>org.uberfire.auth.force.url</param-name>
<param-value>/org.kie.workbench.KIEWebapp/KIEWebapp.html</param-value>
</init-param>
Maciej,
I got it to work by commenting out the lines specified above from the web.xml and everything seems to work. Not sure why you would want to force to a url anyway. Are there any reprecussions in commenting this out?
Tim
-
5. Re: Expose Servlet along with JBPM UI How?
swiderski.maciej Jun 4, 2014 1:39 AM (in response to tmcclure0501)this force url is mostly for UI thing to always start with main page to load GWT modules properly. If the application works fine for your case it seems to be safe to keep it as is. Alternatively you'll need to check if you need to be actually protected by UberFire security or not. Might be enough to only rely on container security if you servlet does not refer to any UberFire functionality.
HTH