Bug 800508 - Human task service has hardcoded users and groups
Summary: Human task service has hardcoded users and groups
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: JBoss Enterprise BRMS Platform 5
Classification: JBoss
Component: jBPM 5
Version: BRMS 5.3.0.GA
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ER6
: BRMS 5.3.0.GA
Assignee: Kris Verlaenen
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-03-06 15:46 UTC by Zuzana Krejčová
Modified: 2025-02-10 03:19 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2025-02-10 03:19:13 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 824427 1 None None None 2025-02-10 03:19:54 UTC
Red Hat Issue Tracker JBPM-3356 0 None None None Never

Internal Links: 800514 824427

Description Zuzana Krejčová 2012-03-06 15:46:04 UTC
Description of problem:
Human task service is unusable out-of-the-box. It gets it's users and groups from mvel files deep down in the jbpm-human-task.war directory structure (server/<profile>/deploy/jbpm-human-task.war/WEB-INF/classes/org/jbpm/task/servlet/ with files LoadGroups.mvel and LoadUsers.mvel).
Documentation does not mention it and the user won't be able to find it.
JBPM Console, which uses this human task service, gets its users from users.properties and roles.properties (more or less), it would make sense to do the same for the rest of the BRMS platform, in this case namely the human task service.

This is quite evident once you add your own users (let's say "user1234") to those properties files and then try to assign him a task. User user1234 won't see this task.



Version-Release number of selected component (if applicable):
BRMS 5.3.0 ER4

Comment 1 Maciej Swiderski 2012-04-03 11:42:30 UTC
Pull request ready and available at:
https://github.com/droolsjbpm/jbpm/pull/71

Allows user to define user and group load files via init paramters in web.xml as other configuration elements of HumanTaskServerServlet.
Accepts both mvel and properties files. Location can be specified on classpath (prefixed with classpath:) or by any valid URL.

Comment 2 Kris Verlaenen 2012-04-03 16:24:41 UTC
It can now be configured where to load users and groups from, as well as the usergroupcallback.  When BZ-769931 is resolved, this would for example allow you to configure a callback that looks up users / roles based on JAAS.

Comment 3 Ryan Zhang 2012-04-23 07:40:25 UTC
Update status to ON_QA. Please verify them against ER6.

Comment 5 Zuzana Krejčová 2012-05-23 12:29:44 UTC
It is configurable, providing your own usergroupcallback implementation works, I was able to use different mvel files too, using both classpath: and URL.
There's some problem with properties files, I'll be filing a new BZ for that shortly.
Even with that little problem, this is VERIFIED, as it is possible to configure these things.

Comment 12 Red Hat Bugzilla 2025-02-10 03:19:13 UTC
This product has been discontinued or is no longer tracked in Red Hat Bugzilla.


Note You need to log in before you can comment on or make changes to this bug.