  1. JBoss BPMS Platform
  2. RHBPMS-1930

Assign permissions by Java roles names instead of groups names in business-central

Details

    • Bug
    • Resolution: Done
    • Critical
    • None
    • 6.0.2
    • Configuration
    • None

    Description

      Description of problem:

      The JBoss BPMS security model currently controls user permissions through container-managed "groups", while it should control permissions through "roles" instead.

      Version-Release number of selected component (if applicable):

      BPMS/BRMS 6.0.2GA both business-central and dashbuilder

      How reproducible:

      100%

      Steps to Reproduce:
      1. Configure application container under BPMS (EAP or WebSphere) to use LDAP for authorization
      2. Assign the user to a role or set of roles, and remove any group memberships in LDAP with names such as "admin", "developer", "analyst", etc.
      Out-of-the-box role names are defined in ./business-central/WEB-INF/classes/workbench-policy.properties
      3. Log into business-central and dashbuilder
      4. Check that you have access to both interfaces
      5. Click on the user name in the upper right corner (a) and check that the role assignments are listed

      Actual results:

      Note that the LDAP user's group memberships are listed, instead of the roles (permissions) it has.

      Expected results:

      Note that the LDAP user's role mappings should be listed.

      Additional info:

      Loading roles through JACC - http://arjan-tijms.blogspot.com/2014/03/implementing-container-authorization-in.html

          People

            abakos@redhat.com Alexandre Bakos
            jowest@redhat.com Josh West
            Tomáš Livora Tomáš Livora (Inactive)
            Linda Snyder Linda Snyder (Inactive)
            Tomáš Livora Tomáš Livora (Inactive)
            Alessandro Lazarotti, Cheng Zhang (Inactive), Kris Verlaenen, Rajesh Rajasekaran

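
An added illustration, not part of the original report and not BPMS code: a small Python model of the difference the report describes, comparing permissions derived from raw group names with permissions derived from a group-to-role mapping, and listing the users for whom the two disagree. The role names come from the report; the users, LDAP group names and the mapping are constructed for the example.

```python
# Role names taken from the report; everything else below is constructed sample data.
WORKBENCH_ROLES = {"admin", "developer", "analyst"}

# Hypothetical container mapping from LDAP group to application roles.
GROUP_TO_ROLES = {
    "bpm-operators": {"admin"},
    "rules-authors": {"developer", "analyst"},
}

# Constructed LDAP users and their group memberships.
USERS = {
    "alice": {"bpm-operators"},             # mapped to admin, no group named "admin"
    "bob": {"admin", "helpdesk"},           # group is called "admin" but has no mapping
    "carol": {"rules-authors", "analyst"},  # mapped to developer and analyst
    "dave": {"helpdesk"},                   # no role under either model
}


def roles_from_group_names(groups):
    """Reported behaviour: a group name is treated as if it were a role name."""
    return groups & WORKBENCH_ROLES


def roles_from_mapping(groups, mapping=GROUP_TO_ROLES):
    """Expected behaviour: roles come from the container's group-to-role mapping."""
    roles = set()
    for group in groups:
        roles |= mapping.get(group, set())
    return roles & WORKBENCH_ROLES


def audit(users, mapping=GROUP_TO_ROLES):
    """Per user, roles wrongly granted and wrongly withheld by group-name checks."""
    findings = {}
    for name, groups in sorted(users.items()):
        by_name = roles_from_group_names(groups)
        by_map = roles_from_mapping(groups, mapping)
        if by_name != by_map:
            findings[name] = {
                "granted_without_mapping": sorted(by_name - by_map),
                "withheld_despite_mapping": sorted(by_map - by_name),
            }
    return findings


if __name__ == "__main__":
    for user, diff in audit(USERS).items():
        print(user, diff)
```

Users reported under "withheld_despite_mapping" match the symptom in the report; users under "granted_without_mapping" are the ones to review first, since a group that merely shares a role's name gives them that role.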