-
1. Re: Switching the Database Backend and jBPM 3.2.3
kukeltje Oct 7, 2008 4:52 AM (in response to danrowley)First http://docs.jboss.org/jbpm/v3.2/userguide/html/ is better to be used. Docs cleaning up is currently going on
Besides that:Is Chapter 8 out of sync with 3.2.3 or have I done something incorrectly?
Yes, even in the 3.2 docs
Better to read:
http://wiki.jboss.org/wiki/JbpmContributedDocs (the 3.2.2. getting started), chapter 3.5
http://wiki.jboss.org/wiki/JbpmDbCompatibility -
2. Re: Switching the Database Backend and jBPM 3.2.3
danrowley Oct 7, 2008 9:58 PM (in response to danrowley)Thank you for your time, kukeltje; I ended up using pages 68-71 of the Business Processing Modelling using jBPM 3.2.2 Guide, available via those links that you had provided. I am currently migrating jBPM to a PostgreSQL database, and have made some clarifications to the Guide, which I'll make available on the wiki once I organise access to it; I'm pretty sure that migrating jBPM to a database other than the in-built one (Hypersonic) is a pretty common task.
One thing that wasn't too clear, and something I believe is preventing a log in to the jBPM-console using the new database, is how to populate the JBPM_ID_GROUP, JBPM_ID_USER, and JBPM_MEMBERSHIP tables (logically, not technically). From what I understand, a user who wants to, at least, log into the console needs, at least, a 'user' role. While I understand the (primary key-foreign key) relationships between the tables, it was unclear to me as to:
- the purpose of the TYPE_ field of the JBPM_ID_GROUP.
Any chance you could make clear as to whether or not values in that table field could be preventing valid logins to the console?
I understand that one of the steps involved in migrating jBPM to another database, involves editing the <application-policy> of the login-config.xml (found in <JBPM_JPDL_HOME>/server/server/jbpm/conf/). Instructions for that step read:
"... So before creating a datasource make sure that the datasource has been deployed on the server and the jndi has got registered to the server and is specified appropriately with the login-config.xml Otherwise most of the time a login violation occurs at the jBPM console due to inappropriate jndi specification."
Am I correct in understanding that to mean that my new database should be up and running on the server, before I mess around with login-config.xml? I have a feeling I've misinterpreted that instruction.
Below is a quotation of my login-config.xml.
Any help you could provide, would be much appreciated.
<application-policy name = "jbpm">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/JbpmDSpostgresql</module-option>
<module-option name="principalsQuery">
SELECT PASSWORD_ FROM JBPM_ID_USER WHERE NAME_=?
</module-option>
<module-option name="rolesQuery">
SELECT g.NAME_ ,'Roles'
FROM JBPM_ID_USER u,
JBPM_ID_MEMBERSHIP m,
JBPM_ID_GROUP g
WHERE g.TYPE_='security-role'
AND m.GROUP_ = g.ID_
AND m.USER_ = u.ID_
AND u.NAME_=?
</module-option>
</login-module>
</authentication>
</application-policy>
Kindest regards,
Dan Rowley -
3. Re: Switching the Database Backend and jBPM 3.2.3
danrowley Oct 7, 2008 10:01 PM (in response to danrowley)My jbpm-ds.xml file also contains:
<datasources> <local-tx-datasource> <jndi-name>JbpmDSpostgresql</jndi-name> <connection-url>jdbc:postgresql://localhost:5432/jBPMdb</connection-url> <driver-class>org.postgresql.Driver</driver-class> <user-name>postgres</user-name> <password>admin</password> <metadata> <type-mapping>PostgreSQL 8.3</type-mapping> </metadata> </local-tx-datasource> </datasources>
"danrowley" wrote:
Thank you for your time, kukeltje; I ended up using pages 68-71 of the Business Processing Modelling using jBPM 3.2.2 Guide, available via those links that you had provided. I am currently migrating jBPM to a PostgreSQL database, and have made some clarifications to the Guide, which I'll make available on the wiki once I organise access to it; I'm pretty sure that migrating jBPM to a database other than the in-built one (Hypersonic) is a pretty common task.
One thing that wasn't too clear, and something I believe is preventing a log in to the jBPM-console using the new database, is how to populate the JBPM_ID_GROUP, JBPM_ID_USER, and JBPM_MEMBERSHIP tables (logically, not technically). From what I understand, a user who wants to, at least, log into the console needs, at least, a 'user' role. While I understand the (primary key-foreign key) relationships between the tables, it was unclear to me as to:
- the purpose of the TYPE_ field of the JBPM_ID_GROUP.
Any chance you could make clear as to whether or not values in that table field could be preventing valid logins to the console?
I understand that one of the steps involved in migrating jBPM to another database, involves editing the <application-policy> of the login-config.xml (found in <JBPM_JPDL_HOME>/server/server/jbpm/conf/). Instructions for that step read:
"... So before creating a datasource make sure that the datasource has been deployed on the server and the jndi has got registered to the server and is specified appropriately with the login-config.xml Otherwise most of the time a login violation occurs at the jBPM console due to inappropriate jndi specification."
Am I correct in understanding that to mean that my new database should be up and running on the server, before I mess around with login-config.xml? I have a feeling I've misinterpreted that instruction.
Below is a quotation of my login-config.xml.
Any help you could provide, would be much appreciated.
<application-policy name = "jbpm">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/JbpmDSpostgresql</module-option>
<module-option name="principalsQuery">
SELECT PASSWORD_ FROM JBPM_ID_USER WHERE NAME_=?
</module-option>
<module-option name="rolesQuery">
SELECT g.NAME_ ,'Roles'
FROM JBPM_ID_USER u,
JBPM_ID_MEMBERSHIP m,
JBPM_ID_GROUP g
WHERE g.TYPE_='security-role'
AND m.GROUP_ = g.ID_
AND m.USER_ = u.ID_
AND u.NAME_=?
</module-option>
</login-module>
</authentication>
</application-policy>
Kindest regards,
Dan Rowley -
4. Re: Switching the Database Backend and jBPM 3.2.3
danrowley Oct 7, 2008 10:51 PM (in response to danrowley)After inspecting the SELECT statement in my login-config.xml, I realised that the TYPE_ field of the JBPM_ID_GROUP should contain values of "security-role".
I'll make this explicit in the Wiki contribution I'll be making soon.
I hope this has helped others,
Dan Rowley"danrowley" wrote:
My jbpm-ds.xml file also contains:<datasources> <local-tx-datasource> <jndi-name>JbpmDSpostgresql</jndi-name> <connection-url>jdbc:postgresql://localhost:5432/jBPMdb</connection-url> <driver-class>org.postgresql.Driver</driver-class> <user-name>postgres</user-name> <password>admin</password> <metadata> <type-mapping>PostgreSQL 8.3</type-mapping> </metadata> </local-tx-datasource> </datasources>
"danrowley" wrote:
Thank you for your time, kukeltje; I ended up using pages 68-71 of the Business Processing Modelling using jBPM 3.2.2 Guide, available via those links that you had provided. I am currently migrating jBPM to a PostgreSQL database, and have made some clarifications to the Guide, which I'll make available on the wiki once I organise access to it; I'm pretty sure that migrating jBPM to a database other than the in-built one (Hypersonic) is a pretty common task.
One thing that wasn't too clear, and something I believe is preventing a log in to the jBPM-console using the new database, is how to populate the JBPM_ID_GROUP, JBPM_ID_USER, and JBPM_MEMBERSHIP tables (logically, not technically). From what I understand, a user who wants to, at least, log into the console needs, at least, a 'user' role. While I understand the (primary key-foreign key) relationships between the tables, it was unclear to me as to:
- the purpose of the TYPE_ field of the JBPM_ID_GROUP.
Any chance you could make clear as to whether or not values in that table field could be preventing valid logins to the console?
I understand that one of the steps involved in migrating jBPM to another database, involves editing the <application-policy> of the login-config.xml (found in <JBPM_JPDL_HOME>/server/server/jbpm/conf/). Instructions for that step read:
"... So before creating a datasource make sure that the datasource has been deployed on the server and the jndi has got registered to the server and is specified appropriately with the login-config.xml Otherwise most of the time a login violation occurs at the jBPM console due to inappropriate jndi specification."
Am I correct in understanding that to mean that my new database should be up and running on the server, before I mess around with login-config.xml? I have a feeling I've misinterpreted that instruction.
Below is a quotation of my login-config.xml.
Any help you could provide, would be much appreciated.
<application-policy name = "jbpm">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/JbpmDSpostgresql</module-option>
<module-option name="principalsQuery">
SELECT PASSWORD_ FROM JBPM_ID_USER WHERE NAME_=?
</module-option>
<module-option name="rolesQuery">
SELECT g.NAME_ ,'Roles'
FROM JBPM_ID_USER u,
JBPM_ID_MEMBERSHIP m,
JBPM_ID_GROUP g
WHERE g.TYPE_='security-role'
AND m.GROUP_ = g.ID_
AND m.USER_ = u.ID_
AND u.NAME_=?
</module-option>
</login-module>
</authentication>
</application-policy>
Kindest regards,
Dan Rowley -
5. Re: Switching the Database Backend and jBPM 3.2.3
kukeltje Oct 8, 2008 8:19 AM (in response to danrowley)regarding the roles... there were already topics in this forum, articles in the wiki and in this getting started link I mailed (afaik)