1 Reply Latest reply on May 28, 2013 5:27 AM by sandy yang

    permission control don‘t work in guvnor-5.5.0.Final-jboss-as-7.0

    sandy yang Newbie

      Referring to the following documents, I do the permission and user authentication configuration for drools guvnor,

      http://docs.jboss.org/drools/release/5.5.0.Final/drools-guvnor-docs/html_single/index.html#d0e5233

      http://docs.jboss.org/drools/release/5.5.0.Final/drools-guvnor-docs/html_single/index.html#d0e5317

       

       

       

      And I change the bean.xml as below,

       

      <?xml version="1.0" encoding="UTF-8"?>
      <beans xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xmlns:s="urn:java:ee"
          xmlns:weld="http://jboss.org/schema/weld/beans"
          xmlns:security="urn:java:org.jboss.seam.security"
          xmlns:guvnorRepository="urn:java:org.drools.guvnor.server.repository"
          xmlns:guvnorSecurity="urn:java:org.drools.guvnor.server.security"
          xsi:schemaLocation="
              http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/beans_1_0.xsd
              http://jboss.org/schema/weld/beans http://jboss.org/schema/weld/beans_1_1.xsd">
      
      
        <guvnorRepository:GuvnorBootstrapConfiguration>
          <s:modifies/>
      
      
          <!-- JackRabbit  -->
          <guvnorRepository:properties>
            <s:entry><s:key>org.drools.repository.configurator</s:key><s:value>org.drools.repository.jackrabbit.JackrabbitRepositoryConfigurator</s:value></s:entry>
           
          </guvnorRepository:properties>
      
      
         
        </guvnorRepository:GuvnorBootstrapConfiguration>
      
      
      
      
        <security:IdentityImpl>
          <s:modifies/>
                <security:authenticatorName>jaasAuthenticator</security:authenticatorName>
        </security:IdentityImpl>
      
      
        <security:jaas.JaasAuthenticator>
          <s:modifies/>
                <security:jaasConfigName>drools-guvnor-jaas</security:jaasConfigName>
        </security:jaas.JaasAuthenticator>
      
      
        
      
      
        <component name="org.jboss.seam.security.roleBasedPermissionResolver">
                <s:modifies/>
                <property name="enableRoleBasedAuthorization">true</property>
        </component>
      
      
        <weld:scan>
          <!-- Disable the seam-security by drools rules -->
          <weld:exclude name="org.jboss.seam.security.permission.RuleBasedPermissionResolver"/>
          <!-- TODO remove me when GUVNOR-1196 is fixed -->
          <weld:exclude name="org.drools.guvnor.gwtutil.**"/>
          <weld:exclude name="org.drools.guvnor.client.**"/>
        </weld:scan>
      
      
      </beans>
      
      

       

       

       

       

       

      Reboot jboss, then key in the user name and password in the drools guvnor login interface and click the [login] button, error as followed,

       


      org.jboss.seam.security.AuthorizationException: This user has no permissions setup.
               at org.drools.guvnor.server.security.SecurityServiceImpl.getUserCapabilities(SecurityServiceImpl.java:128) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
      
               at org.drools.guvnor.server.security.SecurityServiceImpl.getCurrentUser(SecurityServiceImpl.java:101) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
               at org.drools.guvnor.server.security.SecurityServiceImpl$Proxy$_$$_WeldClientProxy.getCurrentUser(SecurityServiceImpl$Proxy$_$$_WeldClientProxy.java) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
               at org.drools.guvnor.server.SecurityServiceServlet.getCurrentUser(SecurityServiceServlet.java:74) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
               at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_11]
               at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_11]
               at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_11]
               at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_11]
               at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569) [gwt-servlet-2.4.0.jar:]
               ... 27 more
      
      


       

       

       

      then I found the info below,

      https://community.jboss.org/message/764678#764678

      https://issues.jboss.org/browse/SEAMSECURITY-98

       

      the reason was there is a bug in the seam security 3.1.0 final, but I cannot find any fixed version for the seam-security-3.1.1.Final, so I change seam-security-3.1.0.Final.jar to seam-security-3.2.0.Final.jar in drools guvnor.war.

      when I reboot, the login runs smoothly, but the permission configuration which is mentioned in the document ‘Chapter 15. Fine grained permissions and security(http://docs.jboss.org/drools/release/5.5.0.Final/drools-guvnor-docs/html_single/index.html#d0e5317)’ do not work.

       

      Any idear