GUVNOR 7.1中JAAS身份验证的例外情况

时间:2013-05-31 19:43:58

标签: authentication jaas jbpm drools-guvnor

我遇到了为Guvnor配置JAAS身份验证的一组错误。我在jboss社区上搜索了很多,并且对于所有的解决方案,没有什么对我有用。我得到登录弹出窗口或者我得到“此用户没有权限设置”。 Guvnor手册指的是jboss eap 5,我试图在Jboss AS 7.1上这样做。

Note : I am unable to find login-config.xml file mentioned in the following link. http://docs.jboss.org/drools/release/5.5.0.Final/drools-guvnor-docs/html/ch14.html . Is guvnor deployment targeted only for JBOSS EAP 5.0 ?

Environment:
Guvnor 5.5.0.Final
JBOSS AS 7.1.0
Files Configured (Only these files I configured):
Standalone.xml
Guvnor.war/WEB-INF/beans.xml
Created users using “add-user.sh”
standalone/configuration/application-users.properties
          iitDev2=6c92af2424e69ba3cdc2ca981c9fc02b          admin=a085fcb05ca0c1254020e68f4f18217d
standalone/configuration/application-roles.properties
          iitDev2=package.developer          jbossadmin=admin          admin=admin
standalone/configuration/management-users.properties
          jbossadmin=af2056c095d503198cb7a1b432c17bad          iitAdmin=cbfe43200ac3439fee630ecb45cb83ca          iitDev2=76186b89ad376f1b73fd66a632620ba8  Configurations
Standalone.xml :
Only configured below tags. There’s nothing else I changed for the purpose of JAAS Authentication and Guvnor Authorization. Added <security-domain name="drools-guvnor" cache-type="default"> to check if “other” is not working.

<security-domain name="other" cache-type="default">
      <authentication>
      <login-module code="Remoting" flag="optional">
           <module-option name="password-stacking" value="useFirstPass"/>
      </login-module>
      <login-module code="RealmUsersRoles" flag="required">
           <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
           <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
           <module-option name="realm" value="ApplicationRealm"/>
           <module-option name="password-stacking" value="useFirstPass"/>
      </login-module>
      </authentication>
</security-domain>
<security-domain name="drools-guvnor" cache-type="default">
<authentication>
      <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
           <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
           <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
           <module-option name="realm" value="ApplicationRealm"/>
           <module-option name="password-stacking" value="useFirstPass"/>
      </login-module>
</authentication>
</security-domain>

Drools-guvnor.war.
beans.xml (Tried 4 different configs as suggested on community)
Config 1 Error “This User has no permission setup”.
<security:IdentityImpl> <s:modifies/>
     <!-- JAAS based authentication -->
     <security:authenticatorName>jaasAuthenticator</security:authenticatorName>  
</security:IdentityImpl>

<security:jaas.JaasAuthenticator>
     <s:modifies/>
     <jaasConfigName>other</jaasConfigName>
</security:jaas.JaasAuthenticator>

<!-- SECURITY AUTHORIZATION CONFIGURATION --> <!-- This is used to enable or disable role-based authorization. By default it is disabled. -->   <guvnorSecurity:RoleBasedPermissionResolver>
     <s:modifies/>
     <guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization>
</guvnorSecurity:RoleBasedPermissionResolver>

Config 2 Error “This User has no permission setup”.
      <security:IdentityImpl> <s:modifies/>
           <!-- JAAS based authentication -->
          <security:authenticatorName>jaasAuthenticator</security:authenticatorName>  
     </security:IdentityImpl>
     <security:jaas.JaasAuthenticator>
          <s:modifies/>
          <security:jaasConfigName>drools-guvnor</security:jaasConfigName>
     </security:jaas.JaasAuthenticator> 

<!-- SECURITY AUTHORIZATION CONFIGURATION --> <!-- This is used to enable or disable role-based authorization. By default it is disabled. -->        <guvnorSecurity:RoleBasedPermissionResolver>
          <s:modifies/>
          <guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization>
     </guvnorSecurity:RoleBasedPermissionResolver>


Config 3 Error“This User has no permission setup”.

<security:IdentityImpl>
<s:modifies/>
<!-- JAAS based authentication -->
<security:authenticatorName>jaasAuthenticator</security:authenticatorName>
  </security:IdentityImpl>

<security:jaas.JaasAuthenticator>
      <s:modifies/>
      <jaasConfigName>other</jaasConfigName>
  </security:jaas.JaasAuthenticator>

<guvnorSecurity:RoleBasedPermissionResolver>
      <s:modifies/>
      <guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization>
</guvnorSecurity:RoleBasedPermissionResolver>

<component name="org.jboss.seam.security.roleBasedPermissionResolver">

<s:modifies/>

<property name="enableRoleBasedAuthorization">true</property>

</component>

I HAVE ALSO ADDED THIS COMPONENT TAG found every where on forums to resolve this issue. I tried Tried without this also but at that time I get LOGIN screen which always says Incorrect User/Password.Is this required or   <guvnorSecurity:RoleBasedPermissionResolver> is the only authorization config.

<component name="org.jboss.seam.security.roleBasedPermissionResolver">;

  <s:modifies/>

  <property name="enableRoleBasedAuthorization">true</property>

</component>


Kindly help me in this configuration. I can’t find a single authentic document for my environment.

2 个答案:

答案 0 :(得分:0)

对于guvnor的身份验证,请访问以下链接。 https://community.jboss.org/message/817783#817783

答案 1 :(得分:0)

您分享的链接适用于drools-guvnor 5.4.0。我的环境是drools-gunor 5.5.0.Final。我发现这个问题在Guvnor JIRA中有报道,直到开放。用户收到以下错误“此用户没有权限设置”。

请参阅以下链接。

Guvnor JIRA Issue for Authorization and Authentication exception

相关问题
最新问题