1 Reply Latest reply on Feb 13, 2017 5:09 PM by dmarrazzo

User '[UserImpl:'XXXX']' does not have permissions to execute operation 'XXXX' on task id #

fernandocantu Feb 13, 2017 3:33 PM

Hello, I have put some of my projects in a container and run by using Rest-api calls

User '[UserImpl:'kieuser']' does not have permissions to execute operation 'Claim' on task id 2.

I understand why I get this error because the user who is making the api calls (kieuser) does not have the permissions to execute task id 2.

For example task id 2 can only be access by admin and kieuser is a user.

However, is there away I can let know that xxxx user is sending the api call instead of kieuser?

I know I can also use the the property org.kie.server.bypass.auth.user to make it so anybody can claim the task but I don't want to do that.

1. Re: User '[UserImpl:'XXXX']' does not have permissions to execute operation 'XXXX' on task id #

dmarrazzo Feb 13, 2017 5:09 PM (in response to fernandocantu)

Hello Fernando, your question is not really clear to me.

Let me try to explain with my words:

- you want to use a single system user/pwd to interact with the kieserver
- you want to impersonate a user to perform Task management action (so the user "XXXX" claim the task)

If I understood correctly, the way to achieve this is described in the paragraph 16.4 of Development Guide:

1) disable the security settings by using the org.kie.server.bypass.auth.user property.
2) provide a user with sufficient permissions to execute the operation using the query parameter ?user=$USER_NAME. This works, but it's highly discouraged for the security implications. It's better to configure the front-end and the back-end in a SSO domain.
Actions