6 Replies Latest reply: Jun 16, 2012 3:19 AM by Bhaskaran Venkataraman RSS

My issue with Task Service

Bhaskaran Venkataraman Newbie

I have a simple workflow having a script task, 2 human tasks in succession and then finally another script task.

Each of the human tasks have a form to be displayed and an approve button. I initially tried the basic process

without my own task client. It worked but when the actor for the second human task approved the form it came up

with the following error message. The actor for the first human task is krisv and when he approved the form it went OK.

But when the actor of the second human task which is john tried to approve his form it gave this exception about krisv

which did not make any sense he is not at all involved with the second human task.

org.jboss.resteasy.spi.UnhandledException: org.jbpm.task.service.PermissionDeniedException: Server-side Exception: User '[User:'krisv']' does not have permissions to execution operation 'Start' on task id 5

 

  <potentialOwner>
    <resourceAssignmentExpression>
      <formalExpression>krisv</formalExpression>
    </resourceAssignmentExpression>
  </potentialOwner>

 

  <potentialOwner>
    <resourceAssignmentExpression>
      <formalExpression>john</formalExpression>
    </resourceAssignmentExpression>
  </potentialOwner>

 

Then I tried creating a Mina task client and processing the task in code. I can get the task, claim, start and complete it.

But then how do I view the forms and approve it. I have to go back to the JBPM console. Even the human task panel

in eclipse only allows to start and complete the task. It does not allow to view the forms.

 

Then I thought let me get the task and claim it in code and do the rest in the JBPM console. I thought the Blocking calls

will help me do this. But this did not work either. Since the code was consecutive it successively claimed the respective

tasks for krisv and john. The blocking call did not wait for me complete the operation for krisv through the JBPM console.

 

I am using JBPM5.2. Eclipse Helios SR2, JBoss App Server 7 and I am using the Mina Task Server created by the ant script.

I have my main process when loads the knowledge base, creates the session, registers the human task handler and starts

the process. I have my mina client process which creates the Mina task client and does the processing of the tasks.

 

Your suggestions will be greatly appreciated.

  • 1. Re: My issue with Task Service
    Bhaskaran Venkataraman Newbie

    I want to another important piece of information that I had missed out earlier. When the user krisv logs in to the console he is able

    to see the task in the panel. When he clicks on view there is further authentication before the form is displayed. He has already logged

    in and he is the potential owner of the task. I don't know whey he is required to authenticate again to view the form.

     

    Interestingly the actor for the second human task john when he logs in he is able to view the form without further authentication.

     

    Also the users and groups are defined in the task-service directory which the task server reads. But I was not able to trace the

    assignment between users and groups namely to which groups each user belongs. Also in the auth folder under the jbpm-installer

    there is a file which defines roles. Where is this information used ?

     

    I am thinking that the second authentication information by krisv is remembered and even though it is john who is approving the

    second human task it is remembering the previous authentication.

  • 2. Re: My issue with Task Service
    Bhaskaran Venkataraman Newbie

    I am still stuck with this issue. Need help please.

  • 3. Re: My issue with Task Service
    Rajan Vij Newbie

    This probably because your code is trying to start a task which has already been completed. can you share snippet of the code wherein you are trying to act of retrieved task?

     

    Cheers!!

  • 4. Re: My issue with Task Service
    Bhaskaran Venkataraman Newbie

    Thanks for your help. Actually I tried to run the sample demo program - the evaluation one.

     

    There are 2 screens that are displayed :

    When you type http://localhost:8080/jbpm-console you get a login screen

     

       When you login as "krisv" then go to tasks and select the task that you want to view then there is another login.

       This is the actual BPM Console snapshot. This login is requested only once. When the second user say "john" or

       "mary" logs in and they want to view the tasks it does ask for the second login.

     

       The reason is cookies store the login information and they are valid for the entire session. So when user "john" logs in

       the system does not ask him to authenticate because of the cookies. So even though it is john who is approving

       it remembers from the cookies that it is krisv. So even though it is john who has logged into the JBPM console

       it remembers "krisv" from the BPM console login. This is what I think is the issue.

     

       When I tried deleting the cookies after the logout of "krisv" and then logged in as "john" it asked for the second login

       (BPM Console Login) and it worked fine.

     

    Thanks for your help.

  • 5. Re: My issue with Task Service
    Rajan Vij Newbie

    Great! You might want to mark this discussion complete(answered or assumed answered) so it helps other.

    Thanks.

  • 6. Re: My issue with Task Service
    Bhaskaran Venkataraman Newbie

    Thanks. Though I manually deleted the cookies to test it we can programmatically do it using the HttpServlets.

    The cookies are used by website owners mostly to gather information on user preferences. We can get details

    of the cookies using their domain names and then set the age of the cookies to 0. Then the cookies get deleted

    automatically. So when the second user john or mary logs in they will also have to the second authentication in

    the BPM console.

     

    Of course the other alternative is to eliminate the second authentication itself which seems to be redundant in this

    case. For that of course it is necessary to update source code for GWT console & server. Then build the war files

    and then deploy it on the server.