沿着这个过程我们有一个人工任务,虽然我有问题要分配它。在当前状态下,可以将其分配给任何用户(内部/每个人)。
对于HT,我有以下配置:
<htd:logicalPeopleGroups>
<htd:logicalPeopleGroup name="everybody">
<htd:documentation xml:lang="en-US">
Everybody
</htd:documentation>
<htd:parameter name="role" type="xsd:string" />
</htd:logicalPeopleGroup>
</htd:logicalPeopleGroups>
<htd:peopleAssignments>
<htd:potentialOwners>
<htd:from logicalPeopleGroup="everybody">
<htd:argument name="role">
Internal/everyone
</htd:argument>
</htd:from>
</htd:potentialOwners>
</htd:peopleAssignments>
适用于本地环境(本地用户以管理员用户身份访问)。
但是 - 部署在具有AD身份验证的服务器上,我无法访问已创建的任务。
在humantask-explorer中,我可以将任务视为“Claimable”,但不能将其视为“我的任务”。尝试打开任务我收到了消息
拒绝访问。您无权执行此任务
和wso2carbon.log声称
ID: [-1234] [] [2017-02-18 11:05:28,100] ERROR {org.wso2.carbon.humantask.core.api.client.TaskOperationsImpl} - org
.wso2.carbon.humantask.core.engine.runtime.api.HumanTaskIllegalAccessException: Access Denied. You are not authorized
to perform this task {org.wso2.carbon.humantask.core.api.client.TaskOperationsImpl}
TID: [-1234] [] [ 11:05:28,592] ERROR {org.wso2.carbon.humantask.core.engine.commands.Claim} - The user[ex
t-admin] cannot perform [GetInput] operation as either he is in EXCLUDED_OWNERS role or he is not in task roles
[[ACTUAL_OWNER, POTENTIAL_OWNERS, BUSINESS_ADMINISTRATORS, STAKEHOLDERS, TASK_INITIATOR, NOTIFICATION_RECIPIENTS]] {o
rg.wso2.carbon.humantask.core.engine.commands.Claim}
谢谢大家的提示
答案 0 :(得分:0)
这是您的LDAP的问题。用户ext-admin必须是un internal / everyone组才能使他能够处理该任务。