Bug 800508 - Human task service has hardcoded users and groups
Human task service has hardcoded users and groups
Product: JBoss Enterprise BRMS Platform 5
Classification: JBoss
Component: jBPM 5 (Show other bugs)
BRMS 5.3.0.GA
Unspecified Unspecified
unspecified Severity high
: ER6
: BRMS 5.3.0.GA
Assigned To: Maciej Swiderski
Lukáš Petrovický
Depends On:
  Show dependency treegraph
Reported: 2012-03-06 10:46 EST by Zuzana Krejčová
Modified: 2016-07-31 21:13 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Zuzana Krejčová 2012-03-06 10:46:04 EST
Description of problem:
Human task service is unusable out-of-the-box. It gets it's users and groups from mvel files deep down in the jbpm-human-task.war directory structure (server/<profile>/deploy/jbpm-human-task.war/WEB-INF/classes/org/jbpm/task/servlet/ with files LoadGroups.mvel and LoadUsers.mvel).
Documentation does not mention it and the user won't be able to find it.
JBPM Console, which uses this human task service, gets its users from users.properties and roles.properties (more or less), it would make sense to do the same for the rest of the BRMS platform, in this case namely the human task service.

This is quite evident once you add your own users (let's say "user1234") to those properties files and then try to assign him a task. User user1234 won't see this task.

Version-Release number of selected component (if applicable):
BRMS 5.3.0 ER4
Comment 1 Maciej Swiderski 2012-04-03 07:42:30 EDT
Pull request ready and available at:

Allows user to define user and group load files via init paramters in web.xml as other configuration elements of HumanTaskServerServlet.
Accepts both mvel and properties files. Location can be specified on classpath (prefixed with classpath:) or by any valid URL.
Comment 2 Kris Verlaenen 2012-04-03 12:24:41 EDT
It can now be configured where to load users and groups from, as well as the usergroupcallback.  When BZ-769931 is resolved, this would for example allow you to configure a callback that looks up users / roles based on JAAS.
Comment 3 Ryan Zhang 2012-04-23 03:40:25 EDT
Update status to ON_QA. Please verify them against ER6.
Comment 5 Zuzana Krejčová 2012-05-23 08:29:44 EDT
It is configurable, providing your own usergroupcallback implementation works, I was able to use different mvel files too, using both classpath: and URL.
There's some problem with properties files, I'll be filing a new BZ for that shortly.
Even with that little problem, this is VERIFIED, as it is possible to configure these things.

Note You need to log in before you can comment on or make changes to this bug.