Enabling role-based authorization for BRM (i.e. Guvnor) causes "Authorization check failed for permission[org.drools.guvnor.server.security.AdminType@55b47724,admin]" exception

Solution Unverified - Updated 2014-05-16T09:20:44+00:00 -

Issue

The role-based authorization has been enabled inside $JBOSS_HOME/server/$PROFILE/deploy/jboss-brms.war/WEB-INF/components.xml file, like this:

    <!-- SECURITY AUTHORIZATION CONFIGURATION -->
    <!--
        This is used to enable or disable role-based authorization. By default
        it is disabled.
    -->
    <component name="org.jboss.seam.security.roleBasedPermissionResolver">
        <property name="enableRoleBasedAuthorization">true</property>
    </component>

Before making this change, admin user was able to access the tabs like User Permission or Event Log from Administration section of the BRM (i.e. Guvnor) . But, currently it does not even allow admin user to access those features from Administration section , saying Sorry, insufficient permissions to perform this action.
Also, it gives the below ERROR inside server log:

ERROR [org.drools.guvnor.server.RepositoryServiceServlet] (http-127.0.0.1-8080-5) Service method 'public abstract org.drools.guvnor.client.rpc.PageResponse org.drools.guvnor.client.rpc.RepositoryService.showLog(org.drools.guvnor.client.rpc.PageRequest)' threw an unexpected exception: org.jboss.seam.security.AuthorizationException: Authorization check failed for permission[org.drools.guvnor.server.security.AdminType@349b3786,admin]
org.jboss.seam.security.AuthorizationException: Authorization check failed for permission[org.drools.guvnor.server.security.AdminType@349b3786,admin]
    at org.jboss.seam.security.Identity.checkPermission(Identity.java:590)
    at org.drools.guvnor.server.ServiceSecurity.checkSecurityIsAdmin(ServiceSecurity.java:33)
    at org.drools.guvnor.server.ServiceImplementation.showLog(ServiceImplementation.java:492)
...

ERROR [STDERR] (http-127.0.0.1-8080-5) com.google.gwt.user.server.rpc.UnexpectedException: Service method 'public abstract org.drools.guvnor.client.rpc.PageResponse org.drools.guvnor.client.rpc.RepositoryService.showLog(org.drools.guvnor.client.rpc.PageRequest)' threw an unexpected exception: org.jboss.seam.security.AuthorizationException: Authorization check failed for permission[org.drools.guvnor.server.security.AdminType@55b47724,admin]
        at com.google.gwt.user.server.rpc.RPC.encodeResponseForFailure(RPC.java:385)
    at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:588)
...
        Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for permission[org.drools.guvnor.server.security.AdminType@55b47724,admin]
    at org.jboss.seam.security.Identity.checkPermission(Identity.java:590)
    at org.drools.guvnor.server.ServiceSecurity.checkSecurityIsAdmin(ServiceSecurity.java:33)
    at org.drools.guvnor.server.ServiceImplementation.showLog(ServiceImplementation.javGuvnora:492)
...

Is there any way to solve this issue?

Environment

Red Hat JBoss BRMS (BRMS)
- 5.3.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

New to Red Hat?

Learn more about Red Hat subscriptions

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories