-
1. Re: How does user management in jBPM work? Are sessions cached?
krisverlaenen Jun 17, 2014 11:25 AM (in response to bigman921)Do you see the same behavior with the default configuration (not using your custom SSO config)? Which as are you using?
-
2. Re: How does user management in jBPM work? Are sessions cached?
bigman921 Jun 17, 2014 12:07 PM (in response to krisverlaenen)Its a proprietary SSO system that passes the user and role information in through an encrypted header. The valve decrypts the header and creates the appropriate principal objects. A login module then passes those objects back to JBoss (login module is an implementation of UsernamePasswordLoginModule). I have verified the following use cases:
1. Restarting the SSO system, but not JBoss does NOT effect the behavior
2. Restarting JBoss, but not the SSO system causes the session to reflect the correct roles
I've also verified that getRoleSets() in the login module is returning the correct set of roles. What I don't know is if the issue is in JBoss or JBPM. I don't think you could reproduce this using the standard "other" security domain because don't you need to restart JBoss for changes to the text files containing the user's groups to take effect? That would clear out the "cache" if it does exist.
I "broke" my test system for now but once I have it working again I'll post the logs for additional context.