Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1146088

Summary: Unable to complete Human Task when Java Security Manager is enabled
Product: [Retired] JBoss BPMS Platform 6 Reporter: Anton Giertli <agiertli>
Component: ConfigurationAssignee: Ryan Zhang <rzhang>
Status: CLOSED EOL QA Contact: Lukáš Petrovický <lpetrovi>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0.2CC: kverlaen, mbaluch, rrajasek
Target Milestone: ER1   
Target Release: 6.1.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-03-27 20:07:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
[0] process definition
none
[2] server.log none

Description Anton Giertli 2014-09-24 12:37:15 UTC 
Created attachment 940769 [details]
[0] process definition

Description of problem:

It is not possible to complete Human Task when

- two or more embedded sub processes are modelled within one main process
- Human Task is located within this embedded sub process
- Java Security Manager is enabled

Version-Release number of selected component (if applicable):
BPM Suite 6.0.2
BPM Suite 6.0.3

How reproducible:
always

Steps to Reproduce:
1. Import attached BPMN process into business-central (change task actor accordingly)
2. Start the process, claim the task, complete the task
3. Observe the exception

Actual results:

It is not possible to complete the task

Expected results:
 It is possible to complete the task
Comment 1 Anton Giertli 2014-09-24 12:39:09 UTC 
Created attachment 940771 [details]
[2] server.log
Comment 3 Anton Giertli 2014-09-24 12:41:47 UTC 
I don't know why this issue presents itself only when multiple embedded sub processes are used, however, I was able to bypass it with the configuration change of kie.policy file, adding:

permission org.jboss.as.naming.JndiPermission "UserTransaction", "lookup";
permission org.jboss.as.naming.JndiPermission "TransactionManager", "lookup";
permission org.jboss.as.naming.JndiPermission "TransactionSynchronizationRegistry", "lookup";

Helped to resolve the issue at my end.
Comment 4 Anton Giertli 2014-09-24 12:47:47 UTC 
Note: 

If you want to enable Java Security Manager just install the product using UI installer and tick the checkbox "enable Java Security Manager". I have used these default settings for reproducing the issue.
Comment 5 Anton Giertli 2014-09-26 08:24:36 UTC 
When I set boundary signal event to CancelActivity = true in the attached process definition, the issues vanishes. However, I am not sure if the PermissionDenied exception was the desired behaviour even if the process definition wasn't entirely correct.
Comment 7 Jan Hrcek 2014-10-02 09:45:46 UTC 
QE: I managed to reproduce the issue using the steps from comment #1 with BPMS 6.0.3. 

However I was unable to reproduce it with 6.1.0 DR3, because that version (nor the previous version DR2) does not even start using standalone-secure.sh. This has been reported in separate bug #1148755
Comment 8 Ryan Zhang 2014-11-05 10:14:32 UTC 
Since I fixed the related bug 1148755, so please test this issue again on ER1 to make sure this still a problem on 6.1.0.
Comment 9 Jan Hrcek 2014-12-03 08:49:39 UTC 
QE: I checked with BPM Suite 6.1.0 ER2, which can now be started successfully with standalone-secure.sh

It seems that the issue is no longer there - I was able to complete both tasks from the process provided, there was no exception. But I'm not sure what that means for 6.0. Rajesh?
Comment 11 Jan Hrcek 2014-12-03 14:06:11 UTC 
Verified with BPM Suite 6.1.0 ER2