Description of problem: It is not possible to get tasks assigned to different users through remote APIs. Version-Release number of selected component (if applicable): 6.2.0 ER2 Steps to Reproduce: 1. Use one user credentials when using remote APIs 2. Try to get tasks for another users. Actual results: org.kie.remote.client.api.exception.RemoteApiException: The user id used when retrieving task information (user1) must match the authenticating user (user2)! Expected results: It should be possible somehow bypass this check to allow testing processes with tasks assigned to different users. Additional info: This influences many tests in our remote APIs test suite.
This is done on purpose, otherwise people can get access to other people's tasks, which is something we need to prevent. How are you suggesting we should bypass this (as obviously we then don't want users to be able to do this as well)?
Kris, I know people should not be able to get access to other people's tasks. However, especially for test purposes, it is essential to be able to execute tasks that are assigned to various people. I have discussed this with Marco and we agreed on creating a special property which will disable this check if set to true. He has already implemented it: (master) https://github.com/droolsjbpm/droolsjbpm-integration/commit/a64f2168a39ded5caf57bda9b444ff2950169bd0 https://github.com/droolsjbpm/droolsjbpm-integration/commit/fbac57ded8f48e164ee175a22213a01f89c718eb
This is not a test blocker anymore. I have found a way how to use several users when executing task commands in our test suite.
Since Tomas has found a workaround, I'm closing this bug.
Could you implement the workaround for the Remote JMS API too? When I call it, it throws the IllegalStateException. org.kie.remote.client.api.exception.RemoteApiException: IllegalStateException thrown with message 'The user id used when retrieving task information (nino) must match the authenticating user (admin)!': java.lang.IllegalStateException: The user id used when retrieving task information (nino) must match the authenticating user (admin)! at org.kie.remote.services.jms.RequestMessageBean.jmsProcessJaxbCommandsRequest(RequestMessageBean.java:391) at org.kie.remote.services.jms.RequestMessageBean.onMessage(RequestMessageBean.java:219) Tested on the jBPM 6.4.0 version.