sandy yang
2013-04-07 15:13:14 UTC
sandy yang [https://community.jboss.org/people/forrest43] created the discussion
"Guvnor JAAS authentification with jboss7"
To view the discussion, visit: https://community.jboss.org/message/806904#806904
--------------------------------------------------------------
My version of the drools guvnor is 5.5.0.Final, the Jboss is 7.1.1.
I tried to change guvnor to use jaas to login, so I added the configuraions as followed
1. add the data source
<datasource jndi-name="java:jboss/datasources/guvnor" pool-name="guvnor-ds-pool">
                  <connection-url>jdbc:postgresql://localhost/guvnor</connection-url>
                  <driver>postgresql</driver>
                  <security>
                      <user-name>postgres</user-name>
                      <password>root</password>
                  </security>
   </datasource>
2. add the jaas configuration
<security-domain name="drools-guvnor-jaas">
                  <authentication>
                      <login-module code="Database" flag="optional">
                          <module-option name="dsJndiName" value="java:jboss/datasources/guvnor"/>
                          <module-option name="principalsQuery" value="select password from guvnorusers where username=?"/>
                          <module-option name="rolesQuery" value="select role,'Roles' from userrole where userName=?"/>
                      </login-module>
                  </authentication>
    </security-domain>
then change the configuration for the 'drools-guvnor.war\WEB-INF\beans.xml' file as followed,
<security:IdentityImpl>
  <s:modifies/>
  <!-- No real authentication: demo authentication for demo purposes -->
  <!--<security:authenticatorClass>org.drools.guvnor.server.security.DemoAuthenticator</security:authenticatorClass>-->
  <!-- JAAS based authentication -->
  <security:authenticatorName>jaasAuthenticator</security:authenticatorName>
  <!-- IDM based authentication (supports LDAP, see Seam 3 and PicketLink IDM documentation) -->
  <!--<security:authenticatorClass>org.jboss.seam.security.management.IdmAuthenticator</security:authenticator>-->
 </security:IdentityImpl>
 <security:jaas.JaasAuthenticator>
  <s:modifies/>
  <!--
    The following one will use the jaas configuration called "other",
    which in jboss AS means you can use properties files for users.
  -->
        <security:jaasConfigName>other</security:jaasConfigName>
 </security:jaas.JaasAuthenticator>
 <!-- SECURITY AUTHORIZATION CONFIGURATION -->
 <!--
    This is used to enable or disable role-based authorization. By default it is disabled.
 -->
 <guvnorSecurity:RoleBasedPermissionResolver>
  <s:modifies/>
  <guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization>
 </guvnorSecurity:RoleBasedPermissionResolver>
 <weld:scan>
  <!-- Disable the seam-security by drools rules -->
  <weld:exclude name="org.jboss.seam.security.permission.RuleBasedPermissionResolver"/>
  <!-- TODO remove me when GUVNOR-1196 is fixed -->
  <weld:exclude name="org.drools.guvnor.gwtutil.**"/>
  <weld:exclude name="org.drools.guvnor.client.**"/>
 </weld:scan>
after the adjustment, guvnor could be restart smoothly, but when I log in http://127.0.0.1:8080/drools-guvnor via browser, there is no login interface at all, instead there was an error message â401 This user has no permissions setupâ popup, meanwile, the exception happened in the system background as followed
18:36:02,832 ERROR [org.jboss.seam.security.jaas.JaasAuthenticator] (http--127.0.0.1-8080-1) JAAS authentication failed: javax.security.auth.login.LoginException: java.lang.NullPointerException
        at org.jboss.as.security.RealmUsersRolesLoginModule.createPasswordHash(RealmUsersRolesLoginModule.java:42)
        at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:247)
        at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:155)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at org.jboss.seam.security.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:59)
        at org.jboss.seam.security.jaas.JaasAuthenticator$Proxy$_$$_WeldClientProxy.authenticate(JaasAuthenticator$Proxy$_$$_WeldClientProxy.java)
        at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:224)
        at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:163)
        at org.jboss.seam.security.IdentityImpl$Proxy$_$$_WeldClientProxy.login(IdentityImpl$Proxy$_$$_WeldClientProxy.java)
        at org.drools.guvnor.server.security.SecurityServiceImpl.tryAutoLoginAsGuest(SecurityServiceImpl.java:110)
        at org.drools.guvnor.server.security.SecurityServiceImpl.getCurrentUser(SecurityServiceImpl.java:99)
        at org.drools.guvnor.server.security.SecurityServiceImpl$Proxy$_$$_WeldClientProxy.getCurrentUser(SecurityServiceImpl$Proxy$_$$_WeldClientProxy.java)
        at org.drools.guvnor.server.SecurityServiceServlet.getCurrentUser(SecurityServiceServlet.java:74)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569)
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:208)
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248)
        at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
        at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
        at org.jboss.solder.servlet.exception.CatchExceptionFilter.doFilter(CatchExceptionFilter.java:65)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
        at org.jboss.solder.servlet.event.ServletEventBridgeFilter.doFilter(ServletEventBridgeFilter.java:74)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)
        at java.lang.Thread.run(Thread.java:619)
Â
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872) [rt.jar:1.6.0_11]
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_11]
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [rt.jar:1.6.0_11]
        at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_11]
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [rt.jar:1.6.0_11]
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [rt.jar:1.6.0_11]
        at org.jboss.seam.security.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:59) [seam-security-3.1.0.Final.jar:3.1.0.Final]
        at org.jboss.seam.security.jaas.JaasAuthenticator$Proxy$_$$_WeldClientProxy.authenticate(JaasAuthenticator$Proxy$_$$_WeldClientProxy.java) [seam-security-3.1.0.Final.jar:3.1.0.Final]
        at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:224) [seam-security-3.1.0.Final.jar:3.1.0.Final]
        at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:163) [seam-security-3.1.0.Final.jar:3.1.0.Final]
        at org.jboss.seam.security.IdentityImpl$Proxy$_$$_WeldClientProxy.login(IdentityImpl$Proxy$_$$_WeldClientProxy.java) [seam-security-3.1.0.Final.jar:3.1.0.Final]
       at org.drools.guvnor.server.security.SecurityServiceImpl.tryAutoLoginAsGuest(SecurityServiceImpl.java:110) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.security.SecurityServiceImpl.getCurrentUser(SecurityServiceImpl.java:99) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.security.SecurityServiceImpl$Proxy$_$$_WeldClientProxy.getCurrentUser(SecurityServiceImpl$Proxy$_$$_WeldClientProxy.java) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.SecurityServiceServlet.getCurrentUser(SecurityServiceServlet.java:74) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_11]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_11]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_11]
        at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_11]
        at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:208) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62) [gwt-servlet-2.4.0.jar:]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.solder.servlet.exception.CatchExceptionFilter.doFilter(CatchExceptionFilter.java:65) [solder-impl-3.1.1.Final.jar:3.1.1.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.solder.servlet.event.ServletEventBridgeFilter.doFilter(ServletEventBridgeFilter.java:74) [solder-impl-3.1.1.Final.jar:3.1.1.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
        at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_11]
Â
18:36:03,022 WARNÂ [org.drools.guvnor.server.repository.RulesRepositoryManager] (http--127.0.0.1-8080-1) Creating RulesRepository with default username.
18:36:03,031 INFOÂ [org.drools.repository.RulesRepositoryConfigurator] (http--127.0.0.1-8080-1) Creating an instance of the RulesRepositoryConfigurator.
18:36:03,290 WARNÂ [org.apache.jackrabbit.core.util.RepositoryLock] (http--127.0.0.1-8080-1) Existing lock file D:\AP_SERVER\jboss-as-7.1.1.Final\bin\repository\.lock detected. Repository was not shut down properly.
18:36:03,469 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) Starting repository...
18:36:03,474 INFOÂ [org.apache.jackrabbit.core.fs.local.LocalFileSystem] (http--127.0.0.1-8080-1) LocalFileSystem initialized at path repository\repository
18:36:03,650 INFOÂ [org.apache.jackrabbit.core.fs.local.LocalFileSystem] (http--127.0.0.1-8080-1) LocalFileSystem initialized at path repository\version
18:36:06,464 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) initializing workspace 'default'...
18:36:06,466 INFOÂ [org.apache.jackrabbit.core.fs.local.LocalFileSystem] (http--127.0.0.1-8080-1) LocalFileSystem initialized at path repository\workspaces\default
18:36:09,213 INFOÂ [org.apache.jackrabbit.core.query.lucene.SearchIndex] (http--127.0.0.1-8080-1) Index initialized: repository/repository/index Version: 3
18:36:09,291 INFOÂ [org.apache.jackrabbit.core.query.lucene.SearchIndex] (http--127.0.0.1-8080-1) Index initialized: repository\workspaces\default/index Version: 3
18:36:09,304 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) workspace 'default' initialized
18:36:09,311 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) SecurityManager = class org.apache.jackrabbit.core.security.simple.SimpleSecurityManager
18:36:09,314 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) initializing workspace 'security'...
18:36:09,316 INFOÂ [org.apache.jackrabbit.core.fs.local.LocalFileSystem] (http--127.0.0.1-8080-1) LocalFileSystem initialized at path repository\workspaces\security
18:36:10,152 INFOÂ [org.apache.jackrabbit.core.query.lucene.SearchIndex] (http--127.0.0.1-8080-1) Index initialized: repository\workspaces\security/index Version: 3
18:36:10,155 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) workspace 'security' initialized
18:36:10,157 INFOÂ [org.apache.jackrabbit.core.security.simple.SimpleSecurityManager] (http--127.0.0.1-8080-1) init: using Repository LoginModule configuration for Jackrabbit
18:36:10,164 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) Repository started (6695ms)
18:36:10,166 INFOÂ [org.apache.jackrabbit.core.TransientRepository] (http--127.0.0.1-8080-1) Transient repository initialized
18:36:10,211 INFOÂ [org.apache.jackrabbit.core.TransientRepository] (http--127.0.0.1-8080-1) Session opened
18:36:10,228 INFOÂ [org.apache.jackrabbit.core.TransientRepository] (http--127.0.0.1-8080-1) Session opened
18:36:10,252 INFOÂ [org.drools.guvnor.server.SecurityServiceServlet] (http--127.0.0.1-8080-1) Service method 'public abstract org.drools.guvnor.client.rpc.UserSecurityContext org.drools.guvnor.client.rpc.SecurityService.getCurrentUser()' threw an unexpected exception: org.jboss.seam.security.AuthorizationException: This user has no permissions setup.: com.google.gwt.user.server.rpc.UnexpectedException: Service method 'public abstract org.drools.guvnor.client.rpc.UserSecurityContext org.drools.guvnor.client.rpc.SecurityService.getCurrentUser()' threw an unexpected exception: org.jboss.seam.security.AuthorizationException: This user has no permissions setup.
        at com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure(RPC.java:385) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:588) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:208) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62) [gwt-servlet-2.4.0.jar:]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.solder.servlet.exception.CatchExceptionFilter.doFilter(CatchExceptionFilter.java:65) [solder-impl-3.1.1.Final.jar:3.1.1.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.solder.servlet.event.ServletEventBridgeFilter.doFilter(ServletEventBridgeFilter.java:74) [solder-impl-3.1.1.Final.jar:3.1.1.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
        at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_11]
Caused by: org.jboss.seam.security.AuthorizationException: This user has no permissions setup.
        at org.drools.guvnor.server.security.SecurityServiceImpl.getUserCapabilities(SecurityServiceImpl.java:128) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.security.SecurityServiceImpl.getCurrentUser(SecurityServiceImpl.java:101) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.security.SecurityServiceImpl$Proxy$_$$_WeldClientProxy.getCurrentUser(SecurityServiceImpl$Proxy$_$$_WeldClientProxy.java) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.SecurityServiceServlet.getCurrentUser(SecurityServiceServlet.java:74) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_11]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_11]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_11]
        at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_11]
        at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569) [gwt-servlet-2.4.0.jar:]
        ... 27 more
Â
18:36:10,412 INFOÂ [org.apache.jackrabbit.core.TransientRepository] (http--127.0.0.1-8080-1) Session closed
Â
Â
any idear?
Can you tell me what cause this error/exception?
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/806904#806904]
Start a new discussion in jBPM at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2034]
"Guvnor JAAS authentification with jboss7"
To view the discussion, visit: https://community.jboss.org/message/806904#806904
--------------------------------------------------------------
My version of the drools guvnor is 5.5.0.Final, the Jboss is 7.1.1.
I tried to change guvnor to use jaas to login, so I added the configuraions as followed
1. add the data source
<datasource jndi-name="java:jboss/datasources/guvnor" pool-name="guvnor-ds-pool">
                  <connection-url>jdbc:postgresql://localhost/guvnor</connection-url>
                  <driver>postgresql</driver>
                  <security>
                      <user-name>postgres</user-name>
                      <password>root</password>
                  </security>
   </datasource>
2. add the jaas configuration
<security-domain name="drools-guvnor-jaas">
                  <authentication>
                      <login-module code="Database" flag="optional">
                          <module-option name="dsJndiName" value="java:jboss/datasources/guvnor"/>
                          <module-option name="principalsQuery" value="select password from guvnorusers where username=?"/>
                          <module-option name="rolesQuery" value="select role,'Roles' from userrole where userName=?"/>
                      </login-module>
                  </authentication>
    </security-domain>
then change the configuration for the 'drools-guvnor.war\WEB-INF\beans.xml' file as followed,
<security:IdentityImpl>
  <s:modifies/>
  <!-- No real authentication: demo authentication for demo purposes -->
  <!--<security:authenticatorClass>org.drools.guvnor.server.security.DemoAuthenticator</security:authenticatorClass>-->
  <!-- JAAS based authentication -->
  <security:authenticatorName>jaasAuthenticator</security:authenticatorName>
  <!-- IDM based authentication (supports LDAP, see Seam 3 and PicketLink IDM documentation) -->
  <!--<security:authenticatorClass>org.jboss.seam.security.management.IdmAuthenticator</security:authenticator>-->
 </security:IdentityImpl>
 <security:jaas.JaasAuthenticator>
  <s:modifies/>
  <!--
    The following one will use the jaas configuration called "other",
    which in jboss AS means you can use properties files for users.
  -->
        <security:jaasConfigName>other</security:jaasConfigName>
 </security:jaas.JaasAuthenticator>
 <!-- SECURITY AUTHORIZATION CONFIGURATION -->
 <!--
    This is used to enable or disable role-based authorization. By default it is disabled.
 -->
 <guvnorSecurity:RoleBasedPermissionResolver>
  <s:modifies/>
  <guvnorSecurity:enableRoleBasedAuthorization>true</guvnorSecurity:enableRoleBasedAuthorization>
 </guvnorSecurity:RoleBasedPermissionResolver>
 <weld:scan>
  <!-- Disable the seam-security by drools rules -->
  <weld:exclude name="org.jboss.seam.security.permission.RuleBasedPermissionResolver"/>
  <!-- TODO remove me when GUVNOR-1196 is fixed -->
  <weld:exclude name="org.drools.guvnor.gwtutil.**"/>
  <weld:exclude name="org.drools.guvnor.client.**"/>
 </weld:scan>
after the adjustment, guvnor could be restart smoothly, but when I log in http://127.0.0.1:8080/drools-guvnor via browser, there is no login interface at all, instead there was an error message â401 This user has no permissions setupâ popup, meanwile, the exception happened in the system background as followed
18:36:02,832 ERROR [org.jboss.seam.security.jaas.JaasAuthenticator] (http--127.0.0.1-8080-1) JAAS authentication failed: javax.security.auth.login.LoginException: java.lang.NullPointerException
        at org.jboss.as.security.RealmUsersRolesLoginModule.createPasswordHash(RealmUsersRolesLoginModule.java:42)
        at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:247)
        at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:155)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
        at org.jboss.seam.security.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:59)
        at org.jboss.seam.security.jaas.JaasAuthenticator$Proxy$_$$_WeldClientProxy.authenticate(JaasAuthenticator$Proxy$_$$_WeldClientProxy.java)
        at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:224)
        at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:163)
        at org.jboss.seam.security.IdentityImpl$Proxy$_$$_WeldClientProxy.login(IdentityImpl$Proxy$_$$_WeldClientProxy.java)
        at org.drools.guvnor.server.security.SecurityServiceImpl.tryAutoLoginAsGuest(SecurityServiceImpl.java:110)
        at org.drools.guvnor.server.security.SecurityServiceImpl.getCurrentUser(SecurityServiceImpl.java:99)
        at org.drools.guvnor.server.security.SecurityServiceImpl$Proxy$_$$_WeldClientProxy.getCurrentUser(SecurityServiceImpl$Proxy$_$$_WeldClientProxy.java)
        at org.drools.guvnor.server.SecurityServiceServlet.getCurrentUser(SecurityServiceServlet.java:74)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569)
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:208)
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248)
        at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
        at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
        at org.jboss.solder.servlet.exception.CatchExceptionFilter.doFilter(CatchExceptionFilter.java:65)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
        at org.jboss.solder.servlet.event.ServletEventBridgeFilter.doFilter(ServletEventBridgeFilter.java:74)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930)
        at java.lang.Thread.run(Thread.java:619)
Â
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872) [rt.jar:1.6.0_11]
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_11]
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [rt.jar:1.6.0_11]
        at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_11]
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [rt.jar:1.6.0_11]
        at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [rt.jar:1.6.0_11]
        at org.jboss.seam.security.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:59) [seam-security-3.1.0.Final.jar:3.1.0.Final]
        at org.jboss.seam.security.jaas.JaasAuthenticator$Proxy$_$$_WeldClientProxy.authenticate(JaasAuthenticator$Proxy$_$$_WeldClientProxy.java) [seam-security-3.1.0.Final.jar:3.1.0.Final]
        at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:224) [seam-security-3.1.0.Final.jar:3.1.0.Final]
        at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:163) [seam-security-3.1.0.Final.jar:3.1.0.Final]
        at org.jboss.seam.security.IdentityImpl$Proxy$_$$_WeldClientProxy.login(IdentityImpl$Proxy$_$$_WeldClientProxy.java) [seam-security-3.1.0.Final.jar:3.1.0.Final]
       at org.drools.guvnor.server.security.SecurityServiceImpl.tryAutoLoginAsGuest(SecurityServiceImpl.java:110) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.security.SecurityServiceImpl.getCurrentUser(SecurityServiceImpl.java:99) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.security.SecurityServiceImpl$Proxy$_$$_WeldClientProxy.getCurrentUser(SecurityServiceImpl$Proxy$_$$_WeldClientProxy.java) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.SecurityServiceServlet.getCurrentUser(SecurityServiceServlet.java:74) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_11]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_11]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_11]
        at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_11]
        at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:208) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62) [gwt-servlet-2.4.0.jar:]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.solder.servlet.exception.CatchExceptionFilter.doFilter(CatchExceptionFilter.java:65) [solder-impl-3.1.1.Final.jar:3.1.1.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.solder.servlet.event.ServletEventBridgeFilter.doFilter(ServletEventBridgeFilter.java:74) [solder-impl-3.1.1.Final.jar:3.1.1.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
        at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_11]
Â
18:36:03,022 WARNÂ [org.drools.guvnor.server.repository.RulesRepositoryManager] (http--127.0.0.1-8080-1) Creating RulesRepository with default username.
18:36:03,031 INFOÂ [org.drools.repository.RulesRepositoryConfigurator] (http--127.0.0.1-8080-1) Creating an instance of the RulesRepositoryConfigurator.
18:36:03,290 WARNÂ [org.apache.jackrabbit.core.util.RepositoryLock] (http--127.0.0.1-8080-1) Existing lock file D:\AP_SERVER\jboss-as-7.1.1.Final\bin\repository\.lock detected. Repository was not shut down properly.
18:36:03,469 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) Starting repository...
18:36:03,474 INFOÂ [org.apache.jackrabbit.core.fs.local.LocalFileSystem] (http--127.0.0.1-8080-1) LocalFileSystem initialized at path repository\repository
18:36:03,650 INFOÂ [org.apache.jackrabbit.core.fs.local.LocalFileSystem] (http--127.0.0.1-8080-1) LocalFileSystem initialized at path repository\version
18:36:06,464 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) initializing workspace 'default'...
18:36:06,466 INFOÂ [org.apache.jackrabbit.core.fs.local.LocalFileSystem] (http--127.0.0.1-8080-1) LocalFileSystem initialized at path repository\workspaces\default
18:36:09,213 INFOÂ [org.apache.jackrabbit.core.query.lucene.SearchIndex] (http--127.0.0.1-8080-1) Index initialized: repository/repository/index Version: 3
18:36:09,291 INFOÂ [org.apache.jackrabbit.core.query.lucene.SearchIndex] (http--127.0.0.1-8080-1) Index initialized: repository\workspaces\default/index Version: 3
18:36:09,304 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) workspace 'default' initialized
18:36:09,311 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) SecurityManager = class org.apache.jackrabbit.core.security.simple.SimpleSecurityManager
18:36:09,314 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) initializing workspace 'security'...
18:36:09,316 INFOÂ [org.apache.jackrabbit.core.fs.local.LocalFileSystem] (http--127.0.0.1-8080-1) LocalFileSystem initialized at path repository\workspaces\security
18:36:10,152 INFOÂ [org.apache.jackrabbit.core.query.lucene.SearchIndex] (http--127.0.0.1-8080-1) Index initialized: repository\workspaces\security/index Version: 3
18:36:10,155 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) workspace 'security' initialized
18:36:10,157 INFOÂ [org.apache.jackrabbit.core.security.simple.SimpleSecurityManager] (http--127.0.0.1-8080-1) init: using Repository LoginModule configuration for Jackrabbit
18:36:10,164 INFOÂ [org.apache.jackrabbit.core.RepositoryImpl] (http--127.0.0.1-8080-1) Repository started (6695ms)
18:36:10,166 INFOÂ [org.apache.jackrabbit.core.TransientRepository] (http--127.0.0.1-8080-1) Transient repository initialized
18:36:10,211 INFOÂ [org.apache.jackrabbit.core.TransientRepository] (http--127.0.0.1-8080-1) Session opened
18:36:10,228 INFOÂ [org.apache.jackrabbit.core.TransientRepository] (http--127.0.0.1-8080-1) Session opened
18:36:10,252 INFOÂ [org.drools.guvnor.server.SecurityServiceServlet] (http--127.0.0.1-8080-1) Service method 'public abstract org.drools.guvnor.client.rpc.UserSecurityContext org.drools.guvnor.client.rpc.SecurityService.getCurrentUser()' threw an unexpected exception: org.jboss.seam.security.AuthorizationException: This user has no permissions setup.: com.google.gwt.user.server.rpc.UnexpectedException: Service method 'public abstract org.drools.guvnor.client.rpc.UserSecurityContext org.drools.guvnor.client.rpc.SecurityService.getCurrentUser()' threw an unexpected exception: org.jboss.seam.security.AuthorizationException: This user has no permissions setup.
        at com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure(RPC.java:385) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:588) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:208) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248) [gwt-servlet-2.4.0.jar:]
        at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62) [gwt-servlet-2.4.0.jar:]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.solder.servlet.exception.CatchExceptionFilter.doFilter(CatchExceptionFilter.java:65) [solder-impl-3.1.1.Final.jar:3.1.1.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.solder.servlet.event.ServletEventBridgeFilter.doFilter(ServletEventBridgeFilter.java:74) [solder-impl-3.1.1.Final.jar:3.1.1.Final]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
        at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_11]
Caused by: org.jboss.seam.security.AuthorizationException: This user has no permissions setup.
        at org.drools.guvnor.server.security.SecurityServiceImpl.getUserCapabilities(SecurityServiceImpl.java:128) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.security.SecurityServiceImpl.getCurrentUser(SecurityServiceImpl.java:101) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.security.SecurityServiceImpl$Proxy$_$$_WeldClientProxy.getCurrentUser(SecurityServiceImpl$Proxy$_$$_WeldClientProxy.java) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at org.drools.guvnor.server.SecurityServiceServlet.getCurrentUser(SecurityServiceServlet.java:74) [guvnor-webapp-core-5.5.0.Final.jar:5.5.0.Final]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_11]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_11]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_11]
        at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_11]
        at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569) [gwt-servlet-2.4.0.jar:]
        ... 27 more
Â
18:36:10,412 INFOÂ [org.apache.jackrabbit.core.TransientRepository] (http--127.0.0.1-8080-1) Session closed
Â
Â
any idear?
Can you tell me what cause this error/exception?
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/806904#806904]
Start a new discussion in jBPM at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2034]