0

I am in a BRMS technology project in financial sector. Using Drools Guvnor 5.5.0.Final with jboss-as-7.2.0.Alpha1-SNAPSHOT server. I configured the login page in guvnor using jaas successfully. Now I need to have the role Based Permission. But not been able to implement it yet. The beans,xml is

  <security:IdentityImpl>
    <s:modifies/>

    <!-- No real authentication: demo authentication for demo purposes -->
    <!--<security:authenticatorClass>org.drools.guvnor.server.security.DemoAuthenticator</security:authenticatorClass>-->

    <!-- JAAS based authentication --> 
    <security:authenticatorName>jaasAuthenticator</security:authenticatorName>

    <!-- IDM based authentication (supports LDAP, see Seam 3 and PicketLink IDM documentation) -->
    <!--<security:authenticatorClass>org.jboss.seam.security.management.IdmAuthenticator</security:authenticator>-->
  </security:IdentityImpl>

  <security:jaas.JaasAuthenticator>
    <s:modifies/>
    <!--
      The following one will use the jaas configuration called "other",
      which in jboss AS means you can use properties files for users.
    -->
    <s:jaasConfigName>other</s:jaasConfigName>
  </security:jaas.JaasAuthenticator>


  <!-- SECURITY AUTHORIZATION CONFIGURATION -->
  <!--
      This is used to enable or disable role-based authorization. By default it is disabled.
  -->
    <component name="org.jboss.seam.security.permission.PermissionResolver">
        <property name="enableRoleBasedAuthorization">true</property>
        </component>

AND THE standalone.xml is 

<security-domain name="other" cache-type="default">
                    <authentication>
                        <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
                            <module-option name="usersProperties" value="${jboss.server.config.dir}/users.properties"/>
                            <module-option name="rolesProperties" value="${jboss.server.config.dir}/roles.properties"/>
                            <module-option name="defaultUsersProperties" value="${jboss.server.config.dir}/users.properties"/>
                            <module-option name="defaultRolesProperties" value="${jboss.server.config.dir}/roles.properties"/>
                            <module-option name="password-stacking" value="useFirstPass"/>
                        </login-module>
                    </authentication>
                </security-domain>

I don't know what am I missing. Can anyone suggest me over the same. Thanks in advance

4

3 回答 3

0

Solved the Issue. The issue was with one of the class file of seam and configuration of beans.xml

于 2013-04-17T06:46:01.793 回答
0

有关 guvnor 的身份验证,请访问以下链接。

https://community.jboss.org/message/817783#817783

于 2013-05-31T19:52:16.960 回答
0

在我的例子中,需要对 Drools 进行三个特定的更改才能使 Drools Guvnor 5.5.0.Final 与 JBoss EAP 6(基于 AS 7.1 并且应该转换为 AS 7.2)一起工作:修复 XML、替换 seam-security 和补丁Guvnor 文件。

在 beans.xml 中,该jaasConfigName标记未指定命名空间并导致错误。通过更改jaasConfigName为来解决此问题security:jaasConfigName

<security:jaas.JaasAuthenticator>
  <s:modifies/>
  <!--
    The following one will use the jaas configuration called "other",
    which in jboss AS means you can use properties files for users.
  -->
  <security:jaasConfigName>other</security:jaasConfigName>
</security:jaas.JaasAuthenticator>

Guvnor 使用的 Seam Security 版本包含一个错误。要解决此问题,请修改 Guvnor WAR:替换seam-security-3.1.0.Final.jarseam-security-3.2.0.Final.jar和。seam-security-api-3.1.0.Final.jarseam-security-api-3.2.0.Final.jar

Guvnor 的 SecurityServiceImpl 类包含一个错误。要解决此问题,请按照http://drools.46999.n3.nabble.com/How-configure-Guvnor-5-4-JAAS-with-jboss-7-0-2-tp4020424p4020854.html修补并重新编译该类

请注意,Seam Security 和 SecurityServiceImpl 错误已在 GitHub ( https://github.com/droolsjbpm/guvnor/tree/5.5.x ) 上的 Guvnor 5.5.x 分支上得到解决,因此这些问题的最简单解决方案可能是下载并构建最新版本。(这就是我所做的。)

有了这些更改,身份验证和基于角色的授权都应该起作用。在我的测试环境中,我演示了包限制的开发人员访问权限。

https://community.jboss.org/thread/206645 , https://issues.jboss.org/browse/GUVNOR-1989 , https://issues.jboss.org/browse/GUVNOR-1976 , http:// /drools.46999.n3.nabble.com/How-configure-Guvnor-5-4-JAAS-with-jboss-7-0-2-td4020424.htmlhttp://drools.46999.n3.nabble。 com/rules-users-Error-JAAS-Authentication-with-Guvnor-5-5-0-and-Authorization-Error-tt4023826.html获取背景信息。

于 2013-05-26T12:41:48.677 回答