1 Reply Latest reply on May 26, 2016 6:17 AM by Rustam Usmanov

    jBPM 6.4.0 + LDAP

    Rustam Usmanov Apprentice

      Having WildFly 8.2.0 and jBPM 6.4.0 I'm trying to integrate them with LDAP (AD).

       

      1. KIE WB

       

      • Defined new security domain "AD" with LDAPExtended login module.
      • Corrected jboss-web.xml descriptor of jbpm-console.war to reference "AD" security domain instead of "other".
      • Created user with required group membership (admin, kiemgmt, rest-all).
      • Successfully logged in KIE WB, created managed repository, projects.
      • All seems fine except of ssh access to repository - unable to log into it till addition of login module mentioned above into the "other" security domain.

      So my first questions:

      Should be this behaviour considered a bug?

      How is it possible to escape from "other" security domain as regards ssh?

       

      2.User task group-based assignment.

      Now  UserGroupCallback comes into scene.

      • Created jbpm.usergroup.callback.properties with values similar to ones that were used in login module configuration. Note that role recursion is not supported. Placed this file into WEB-INFO/classes of jbpm-console.war.
      • Provided WildFly with system properties org.jbpm.ht.callback=ldap, org.jbpm.ht.userinfo=ldap and jbpm.user.info.properties=/jbpm.usergroup.callback.properties to keep all the properties needed in single place.
      • Instantiating my process and looking at group task list in KIE WB:
      • When task groupId is "X" and current user is not in group "X" I can't see this task. It's fine.
      • When user task groupId is "B" and current user is in group "A" and group A is in group B I can see this task in a list. Yes, LDAPUserGroupCallbackImpl is not in effect yet, but claiming this task should fail since role recursion is not supported. So some inconsistency here exists. Probably it's the subject for enhancement request.
      • When user task groupId is "A" and current user is in group "A" I can see this task in a list. But it's impossible to claim it because of:

          2016-04-29 14:36:44,539 DEBUG [org.jbpm.services.task.identity.JAASUserGroupCallbackImpl] (default task-11) Adding roles from JAAS subject
          2016-04-29 14:36:44,539 ERROR [org.jbpm.services.task.identity.JAASUserGroupCallbackImpl] (default task-11) Error when getting user roles for userid:rustam: java.lang.NullPointerException
          at org.jbpm.services.task.identity.JAASUserGroupCallbackImpl.getGroupsForUser(JAASUserGroupCallbackImpl.java:123) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.UserGroupCallbackTaskCommand.doCallbackGroupsOperation(UserGroupCallbackTaskCommand.java:163) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.UserGroupCallbackTaskCommand.doUserGroupCallbackOperation(UserGroupCallbackTaskCommand.java:89) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.ClaimTaskCommand.execute(ClaimTaskCommand.java:50) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.ClaimTaskCommand.execute(ClaimTaskCommand.java:33) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.CompositeCommand.execute(CompositeCommand.java:143) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.TaskCommandExecutorImpl$SelfExecutionCommandService.execute(TaskCommandExecutorImpl.java:65) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.persistence.TaskTransactionInterceptor.execute(TaskTransactionInterceptor.java:69) [jbpm-human-task-jpa-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.persistence.jta.TransactionLockInterceptor.execute(TransactionLockInterceptor.java:73) [drools-persistence-jpa-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.persistence.jpa.OptimisticLockRetryInterceptor.execute(OptimisticLockRetryInterceptor.java:82) [drools-persistence-jpa-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.TaskCommandExecutorImpl.execute(TaskCommandExecutorImpl.java:40) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.impl.command.CommandBasedTaskService.execute(CommandBasedTaskService.java:157) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.runtime.manager.impl.task.SynchronizedTaskService.execute(SynchronizedTaskService.java:865) [jbpm-runtime-manager-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.kie.services.impl.UserTaskServiceImpl.execute(UserTaskServiceImpl.java:957) [jbpm-kie-services-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.cdi.impl.UserTaskServiceCDIImpl$Proxy$_$$_WeldClientProxy.execute(Unknown Source) [jbpm-services-cdi-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.console.ng.ht.backend.server.TaskLifeCycleServiceImpl.claim(TaskLifeCycleServiceImpl.java:57) [jbpm-console-ng-human-tasks-backend-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.console.ng.ht.backend.server.TaskLifeCycleServiceImpl$Proxy$_$$_WeldClientProxy.claim(Unknown Source) [jbpm-console-ng-human-tasks-backend-6.4.0.Final.jar:6.4.0.Final]
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_80]
          at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_80]
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_80]
          at java.lang.reflect.Method.invoke(Unknown Source) [rt.jar:1.7.0_80]
          at org.jboss.errai.bus.server.io.AbstractRPCMethodCallback.invokeMethodFromMessage(AbstractRPCMethodCallback.java:48) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.io.VoidRPCEndpointCallback.callback(VoidRPCEndpointCallback.java:20) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.io.RemoteServiceCallback.callback(RemoteServiceCallback.java:54) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.cdi.server.CDIExtensionPoints$2.callback(CDIExtensionPoints.java:410) [errai-weld-integration-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.DeliveryPlan.deliver(DeliveryPlan.java:47) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.ServerMessageBusImpl.sendGlobal(ServerMessageBusImpl.java:296) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.SimpleDispatcher.dispatchGlobal(SimpleDispatcher.java:46) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:97) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:114) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.servlet.DefaultBlockingServlet.doPost(DefaultBlockingServlet.java:142) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
          at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at org.uberfire.ext.security.server.SecureHeadersFilter.doFilter(SecureHeadersFilter.java:69) [uberfire-servlet-security-0.8.0.Final.jar:0.8.0.Final]
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at org.uberfire.ext.security.server.SecurityIntegrationFilter.doFilter(SecurityIntegrationFilter.java:61) [uberfire-servlet-security-0.8.0.Final.jar:0.8.0.Final]
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.SessionRestoringHandler.handleRequest(SessionRestoringHandler.java:119) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [rt.jar:1.7.0_80]
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [rt.jar:1.7.0_80]
          at java.lang.Thread.run(Unknown Source) [rt.jar:1.7.0_80]

          2016-04-29 14:36:44,602 WARN  [org.jbpm.services.task.persistence.TaskTransactionInterceptor] (default task-11) Could not commit session: org.jbpm.services.task.exception.PermissionDeniedException: User '[UserImpl:'rustam']' does not have permissions to execute operation 'Claim' on task id 41
          at org.jbpm.services.task.internals.lifecycle.MVELLifeCycleManager.evalCommand(MVELLifeCycleManager.java:119) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.internals.lifecycle.MVELLifeCycleManager.taskOperation(MVELLifeCycleManager.java:369) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.impl.TaskInstanceServiceImpl.claim(TaskInstanceServiceImpl.java:154) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.ClaimTaskCommand.execute(ClaimTaskCommand.java:52) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.ClaimTaskCommand.execute(ClaimTaskCommand.java:33) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.CompositeCommand.execute(CompositeCommand.java:143) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.TaskCommandExecutorImpl$SelfExecutionCommandService.execute(TaskCommandExecutorImpl.java:65) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.persistence.TaskTransactionInterceptor.execute(TaskTransactionInterceptor.java:69) [jbpm-human-task-jpa-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.persistence.jta.TransactionLockInterceptor.execute(TransactionLockInterceptor.java:73) [drools-persistence-jpa-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.core.command.impl.AbstractInterceptor.executeNext(AbstractInterceptor.java:41) [drools-core-6.4.0.Final.jar:6.4.0.Final]
          at org.drools.persistence.jpa.OptimisticLockRetryInterceptor.execute(OptimisticLockRetryInterceptor.java:82) [drools-persistence-jpa-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.commands.TaskCommandExecutorImpl.execute(TaskCommandExecutorImpl.java:40) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.task.impl.command.CommandBasedTaskService.execute(CommandBasedTaskService.java:157) [jbpm-human-task-core-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.runtime.manager.impl.task.SynchronizedTaskService.execute(SynchronizedTaskService.java:865) [jbpm-runtime-manager-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.kie.services.impl.UserTaskServiceImpl.execute(UserTaskServiceImpl.java:957) [jbpm-kie-services-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.services.cdi.impl.UserTaskServiceCDIImpl$Proxy$_$$_WeldClientProxy.execute(Unknown Source) [jbpm-services-cdi-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.console.ng.ht.backend.server.TaskLifeCycleServiceImpl.claim(TaskLifeCycleServiceImpl.java:57) [jbpm-console-ng-human-tasks-backend-6.4.0.Final.jar:6.4.0.Final]
          at org.jbpm.console.ng.ht.backend.server.TaskLifeCycleServiceImpl$Proxy$_$$_WeldClientProxy.claim(Unknown Source) [jbpm-console-ng-human-tasks-backend-6.4.0.Final.jar:6.4.0.Final]
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_80]
          at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_80]
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_80]
          at java.lang.reflect.Method.invoke(Unknown Source) [rt.jar:1.7.0_80]
          at org.jboss.errai.bus.server.io.AbstractRPCMethodCallback.invokeMethodFromMessage(AbstractRPCMethodCallback.java:48) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.io.VoidRPCEndpointCallback.callback(VoidRPCEndpointCallback.java:20) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.io.RemoteServiceCallback.callback(RemoteServiceCallback.java:54) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.cdi.server.CDIExtensionPoints$2.callback(CDIExtensionPoints.java:410) [errai-weld-integration-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.DeliveryPlan.deliver(DeliveryPlan.java:47) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.ServerMessageBusImpl.sendGlobal(ServerMessageBusImpl.java:296) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.SimpleDispatcher.dispatchGlobal(SimpleDispatcher.java:46) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:97) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:114) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at org.jboss.errai.bus.server.servlet.DefaultBlockingServlet.doPost(DefaultBlockingServlet.java:142) [errai-bus-3.2.3.Final.jar:3.2.3.Final]
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
          at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at org.uberfire.ext.security.server.SecureHeadersFilter.doFilter(SecureHeadersFilter.java:69) [uberfire-servlet-security-0.8.0.Final.jar:0.8.0.Final]
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at org.uberfire.ext.security.server.SecurityIntegrationFilter.doFilter(SecurityIntegrationFilter.java:61) [uberfire-servlet-security-0.8.0.Final.jar:0.8.0.Final]
          at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.SessionRestoringHandler.handleRequest(SessionRestoringHandler.java:119) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
          at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [rt.jar:1.7.0_80]
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [rt.jar:1.7.0_80]
          at java.lang.Thread.run(Unknown Source) [rt.jar:1.7.0_80]

      It seems that JAASUserGroupCallbackImpl is used instead of configured LDAPUserGroupCallbackImpl.

      Did I miss something in my configuratuon?

        • 1. Re: jBPM 6.4.0 + LDAP
          Rustam Usmanov Apprentice

          There is a correct alternative must be defined in jbpm-console.war/WEB-INF/lib/jbpm-services-cdi-6.4.0.Final.jar/META-INF/beans.xml:

           

          <?xml version="1.0" encoding="UTF-8"?>
          <beans xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/beans_1_0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee">
          <alternatives>
          <class>org.jbpm.services.cdi.producer.LDAPUserGroupInfoProducer</class>
          </alternatives>
          </beans>
          
          
          

           

          Thanks to Re: Jbpm 6 - users and groups from database.