I upgraded the version of spring-framework and spring-security for our application.
From:
<spring.version>4.1.1.RELEASE</spring.version>
<spring-security.version>3.2.5.RELEASE</spring-security.version>
To:
<spring.version>4.3.10.RELEASE</spring.version>
<spring-security.version>4.2.3.RELEASE</spring-security.version>
We are running Activiti version:
<dependency>
<groupId>org.activiti</groupId>
<artifactId>activiti-engine</artifactId>
<version>5.17.0</version>
</dependency>
<dependency>
<groupId>org.activiti</groupId>
<artifactId>activiti-spring</artifactId>
<version>5.17.0</version>
</dependency>
And I am faced with the following issue on some tasks:
INFO] [talledLocalContainer] 2017-08-02 09:30:48,264 [pool-1-thread-9] ERROR org.activiti.engine.impl.asyncexecutor.ExecuteAsyncRunnable - Job 24212912 failed
[INFO] [talledLocalContainer] org.springframework.security.access.AccessDeniedException: Access is denied
[INFO] [talledLocalContainer] at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
[INFO] [talledLocalContainer] at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
[INFO] [talledLocalContainer] at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:65)
[INFO] [talledLocalContainer] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
[INFO] [talledLocalContainer] at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
[INFO] [talledLocalContainer] at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
[INFO] [talledLocalContainer] at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
[INFO] [talledLocalContainer] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
[INFO] [talledLocalContainer] at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
Can be closed,
The issue was generated because Spring-Security 4 places a prefix when using hasRole or hasAnyRole. Using hasAuthority or hasAnyAuthority fixes it.
Cheers,
Costel
Ask for and offer help to other Alfresco Process Services and Activiti Users and members of the Alfresco team.
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.