How to modify jbpm-console application to make it retrieve users, roles and groups list from database?

Question

I have connected jBPM 7.11.0 with MySQL 8.0.11 database successfully. Now, I need to login to KIE Workbench with user and their roles with groups being fetched from MySQL DB. Please guide. Currently application is using users.properties and roles.properties files for users authentications. Thanks in advance.

Answer 1

By default the jbpm-console uses the Security Domain "other" configured in standalone.xml file.

This is configured in WEB-INF/jboss-web.xml file like:

<security-domain>other</security-domain>

In order to change this to use a database table, you need to add a new security-domain to standalone.xml with database-login module and specify the domain name in jboss-web.xml

Add a domain to standalone.xml:

  <security-domain name="dbdomain" cache-type="default">
      <authentication>
         <login-module code="Database" flag="required">
             <module-option name="dsJndiName" value="java:jboss/datasources/sampleDS"/>
             <module-option name="principalsQuery" value="select passwd from USERS_TABLE where login=?"/>
             <module-option name="rolesQuery" value="select role 'Roles' from USER_ROLES where login=?"/>
         </login-module>
       </authentication>
   </security-domain>

Change the security-domain value in jboss-web.xml:

<security-domain>dbdomain</security-domain>

User roles should be jbpm supported ones like admin, analyst etc.