erouvas
commented
2 years ago Docs seem to be a bit inconsistent regarding the KIE Server user setup. Elytron-based security is required for Business Central installations only. For EAP instances that contain only KIE Server the non-elytron way of configuring users needs to be used. A PR is under way to address this
I just caught an issue within the
pam-setup.shthat causes a misconfiguration in Elytron's security subsystem. This misconfiguration leads to incorrect roles/groups mapping.The offending line in the script is https://github.com/redhat-cop/businessautomation-cop/blob/master/deployment-examples/pam-eap-setup/pam-setup.sh#L532
What really needs to be done is described in sections 14.4 step 1. iii. of the docs. https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.12/html-single/installing_and_configuring_red_hat_process_automation_manager#eap-users-create-proc_install-on-eap