https://stackoverflow.com/questions/16864739
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFor authentication in place for guvnor visit following link. https://community.jboss.org/message/817783#817783
Exceptions in JAAS Authentication in GUVNOR 7.1
-
30-05-2022 - |
Question
I have run into a set of errors configuring JAAS Authentication for Guvnor. I have searched a lot on jboss community and for all the solutions nothing is working for me. I am getting either the login popup or I am getting “This User has no permissions setup”. The Guvnor Manual is referring to jboss eap 5 and I am trying to do this on Jboss AS 7.1.
Note : I am unable to find login-config.xml file mentioned in the following link. http://docs.jboss.org/drools/release/5.5.0.Final/drools-guvnor-docs/html/ch14.html . Is guvnor deployment targeted only for JBOSS EAP 5.0 ?
Environment:
Guvnor 5.5.0.Final
JBOSS AS 7.1.0
Files Configured (Only these files I configured):
Standalone.xml
Guvnor.war/WEB-INF/beans.xml
Created users using “add-user.sh”
standalone/configuration/application-users.properties
iitDev2=6c92af2424e69ba3cdc2ca981c9fc02b admin=a085fcb05ca0c1254020e68f4f18217d
standalone/configuration/application-roles.properties
iitDev2=package.developer jbossadmin=admin admin=admin
standalone/configuration/management-users.properties
jbossadmin=af2056c095d503198cb7a1b432c17bad iitAdmin=cbfe43200ac3439fee630ecb45cb83ca iitDev2=76186b89ad376f1b73fd66a632620ba8 Configurations
Standalone.xml :
Only configured below tags. There’s nothing else I changed for the purpose of JAAS Authentication and Guvnor Authorization. Added <security-domain name="drools-guvnor" cache-type="default"> to check if “other” is not working.
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmUsersRoles" flag="required">
<module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
<module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
<module-option name="realm" value="ApplicationRealm"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="drools-guvnor" cache-type="default">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
<module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
<module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
<module-option name="realm" value="ApplicationRealm"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
Drools-guvnor.war.
beans.xml (Tried 4 different configs as suggested on community)
Config 1 Error “This User has no permission setup”.
<security:IdentityImpl> <s:modifies/>
<!-- JAAS based authentication -->
<security:authenticatorName>jaasAuthenticator</security:authenticatorName>
</security:IdentityImpl>
<security:jaas.JaasAuthenticator>
<s:modifies/>
<jaasConfigName>other</jaasConfigName>
</security:jaas.JaasAuthenticator>
<!-- SECURITY AUTHORIZATION CONFIGURATION --> <!-- This is used to enable or disable role-based authorization. By default it is disabled. --> <guvnorSecurity:RoleBasedPermissionResolver>
<s:modifies/>
<guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization>
</guvnorSecurity:RoleBasedPermissionResolver>
Config 2 Error “This User has no permission setup”.
<security:IdentityImpl> <s:modifies/>
<!-- JAAS based authentication -->
<security:authenticatorName>jaasAuthenticator</security:authenticatorName>
</security:IdentityImpl>
<security:jaas.JaasAuthenticator>
<s:modifies/>
<security:jaasConfigName>drools-guvnor</security:jaasConfigName>
</security:jaas.JaasAuthenticator>
<!-- SECURITY AUTHORIZATION CONFIGURATION --> <!-- This is used to enable or disable role-based authorization. By default it is disabled. --> <guvnorSecurity:RoleBasedPermissionResolver>
<s:modifies/>
<guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization>
</guvnorSecurity:RoleBasedPermissionResolver>
Config 3 Error“This User has no permission setup”.
<security:IdentityImpl>
<s:modifies/>
<!-- JAAS based authentication -->
<security:authenticatorName>jaasAuthenticator</security:authenticatorName>
</security:IdentityImpl>
<security:jaas.JaasAuthenticator>
<s:modifies/>
<jaasConfigName>other</jaasConfigName>
</security:jaas.JaasAuthenticator>
<guvnorSecurity:RoleBasedPermissionResolver>
<s:modifies/>
<guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization>
</guvnorSecurity:RoleBasedPermissionResolver>
<component name="org.jboss.seam.security.roleBasedPermissionResolver">
<s:modifies/>
<property name="enableRoleBasedAuthorization">true</property>
</component>
I HAVE ALSO ADDED THIS COMPONENT TAG found every where on forums to resolve this issue. I tried Tried without this also but at that time I get LOGIN screen which always says Incorrect User/Password.Is this required or <guvnorSecurity:RoleBasedPermissionResolver> is the only authorization config.
<component name="org.jboss.seam.security.roleBasedPermissionResolver">;
<s:modifies/>
<property name="enableRoleBasedAuthorization">true</property>
</component>
Kindly help me in this configuration. I can’t find a single authentic document for my environment.
Solution
OTHER TIPS
The link you shared is for drools-guvnor 5.4.0. My environment is drools-gunor 5.5.0.Final. I have found out that this issue is reported in Guvnor JIRA and is till open. User gets the following error "This user has no permission setup".
See the following link.
Guvnor JIRA Issue for Authorization and Authentication exception
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
