2 Replies Latest reply on Feb 8, 2010 1:15 PM by kukeltje

    Unable to login to jbpm-console

    chipschoch

      JBoss 4.2.2.GA, Jpdl-3.2.2

      I changed the dialect to Sybase and deployed jbpm-console. I am able to deploy processes through the workbench but I cannot login to the jbpm-console. I commented out the identity stuff in the hibernate config and I changed the jaas security domain in jboss-web.xml to my own (one that I use for another application. When I attempt to login I get a 403 error.

      type Status report
      
      message Access to the requested resource has been denied
      
      description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.


      Now if I try to login with a bad username I get a bad username message. When I login with a valid username (valid in my domain) I get the access violation. Does anyone know where page access is configured? I looken in access.properties and even added my role to it but it did not make any difference. Any ideas?

        • 1. Re: Unable to login to jbpm-console

          I faced a similar issue with jbpm 3.2 version. Though this is an older post, found this unanswered. So thought of sharing my solution, so that it helps someone.

           

          The security constraint web.xml under  <jboss_root>\default\deploy\jbpm\jsf-console.war is configured

          for the role "user" only. So it throws a 403 error if the new user created in the database does not belong to the group "user".

          Change it to point to the group that you created.

           

           

            <security-constraint>

              <web-resource-collection>

                <web-resource-name>Secure Area</web-resource-name>

                <url-pattern>/app/*</url-pattern>

                <http-method>GET</http-method>

                <http-method>POST</http-method>

              </web-resource-collection>

              <auth-constraint>

                <role-name>user</role-name>

              </auth-constraint>

            </security-constraint>

          • 2. Re: Unable to login to jbpm-console
            kukeltje
            It has been answered more then once afaik, but the other way around. Instead of chaning the group/role in the web.xml, it was suggested to *also* add a user to the 'user' group.