[KIECLOUD-176] Update RHDM and RHPAM dependency references and versions

jboss-kie-wildfly-common/added/launch/jboss-kie-wildfly-security.sh

@@ -117,7 +117,7 @@ function get_kie_server_token() {
 }
 
 function get_kie_server_roles() {
-    local default_kie_roles="kie-server,rest-all,guest"
+    local default_kie_roles="kie-server,rest-all,user"
     echo $(find_env "KIE_SERVER_ROLES" "${default_kie_roles}")
 }
 
@@ -161,7 +161,7 @@ function get_kie_server_controller_token() {
 }
 
 function get_kie_server_controller_roles() {
-    local default_kie_roles="kie-server,rest-all,guest"
+    local default_kie_roles="kie-server,rest-all,user"
     echo $(find_env "KIE_SERVER_CONTROLLER_ROLES" "${default_kie_roles}")
 }
 
@@ -234,4 +234,4 @@ function add_eap_user() {
             exit
         fi
     fi
-}
+}

jboss-kie-wildfly-common/module.yaml

@@ -19,7 +19,7 @@ envs:
       example: "uid=admin,ou=users,ou=exmample,ou=com"
     - name: "AUTH_LDAP_DEFAULT_ROLE"
       description: "A role included for all authenticated users"
-      example: "guest"
+      example: "user"
     - name: "AUTH_LDAP_DISTINGUISHED_NAME_ATTRIBUTE"
       description: "The name of the attribute in the user entry that contains the DN of the user. This may be necessary if the DN of the user itself contains special characters, backslash for example, that prevent correct user mapping. If the attribute does not exist, the entry’s DN is used."
       example: "distinguishedName"

jboss-kie-workbench/added/launch/jboss-kie-workbench.sh

@@ -52,6 +52,21 @@ function configure() {
     configure_guvnor_settings
     configure_metaspace
     configure_ha
+    # TODO: remove after https://issues.jboss.org/browse/AF-1821
+    temporary_AF-1821
+}
+
+# TODO: remove after https://issues.jboss.org/browse/AF-1821
+function temporary_AF-1821() {
+    local web_xml="${JBOSS_HOME}/standalone/deployments/ROOT.war/WEB-INF/web.xml"
+    local number=1
+    # only clear the 'number' of lines following 'BASIC auth resources', otherwise we clear other matches of 'url-pattern' unintentionally
+    for UP in websocket rest maven2 ws ; do
+        sed -i "/^\s*<web-resource-name>BASIC auth resources<\/web-resource-name>\s*$/,+${number}s/^\s*<url-pattern>\/${UP}\/\*<\/url-pattern>\s*$//" "${web_xml}"
+        ((number++))
+    done
+    # put maven2 back
+    sed -i "/^\s*<web-resource-name>BASIC auth resources<\/web-resource-name>\s*$/,+1s/^$/      <url-pattern>\/maven2\/\*<\/url-pattern>/" "${web_xml}"
 }
 
 function configure_admin_security() {

tests/features/common/kie-controller-common.feature

@@ -9,7 +9,7 @@ Feature: KIE Controller configuration common tests
      And file /opt/eap/standalone/configuration/application-users.properties should not contain mavenUser
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain mavenUser
      And file /opt/eap/standalone/configuration/application-users.properties should contain controllerUser=b39c9321953da48d982c018bb131c4b0
-     And file /opt/eap/standalone/configuration/application-roles.properties should contain controllerUser=kie-server,rest-all,guest
+     And file /opt/eap/standalone/configuration/application-roles.properties should contain controllerUser=kie-server,rest-all,user
      And file /opt/eap/standalone/configuration/application-users.properties should not contain executionUser
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain executionUser
 
@@ -32,7 +32,7 @@ Feature: KIE Controller configuration common tests
      And file /opt/eap/standalone/configuration/application-users.properties should not contain customMvn
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain customMvn
      And file /opt/eap/standalone/configuration/application-users.properties should contain customCtl=cc9f10a8ed20f1409b2282f4d5ca4d43
-     And file /opt/eap/standalone/configuration/application-roles.properties should contain customCtl=kie-server,rest-all,guest
+     And file /opt/eap/standalone/configuration/application-roles.properties should contain customCtl=kie-server,rest-all,user
      And file /opt/eap/standalone/configuration/application-users.properties should not contain customExe
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe
      And container log should contain -Dorg.kie.server.token=token
@@ -48,10 +48,10 @@ Feature: KIE Controller configuration common tests
     Then file /opt/eap/standalone/configuration/application-users.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-users.properties should not contain customExe=d2d5d854411231a97fdbf7fe6f91a786
-     And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe=kie-server,rest-all,guest
+     And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe=kie-server,rest-all,user
      And container log should contain External authentication/authorization enabled, skipping the embedded users creation.
-     And container log should contain KIE_SERVER_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,guest
-     And container log should contain KIE_SERVER_CONTROLLER_USER is set to customCtl, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,guest
+     And container log should contain KIE_SERVER_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,user
+     And container log should contain KIE_SERVER_CONTROLLER_USER is set to customCtl, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,user
 
   Scenario: Check if eap users are not being created if LDAP is configured
     When container is started with env
@@ -64,23 +64,23 @@ Feature: KIE Controller configuration common tests
     Then file /opt/eap/standalone/configuration/application-users.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-users.properties should not contain customExe=d2d5d854411231a97fdbf7fe6f91a786
-     And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe=kie-server,rest-all,guest
+     And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe=kie-server,rest-all,user
      And container log should contain External authentication/authorization enabled, skipping the embedded users creation.
-     And container log should contain KIE_SERVER_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,guest
-     And container log should contain KIE_SERVER_CONTROLLER_USER is set to customCtl, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,guest
+     And container log should contain KIE_SERVER_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,user
+     And container log should contain KIE_SERVER_CONTROLLER_USER is set to customCtl, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,user
 
   Scenario: Check if eap users are not being created if SSO is configured with no users env
     When container is started with env
       | variable                   | value         |
       | SSO_URL                    | http://url    |
     Then container log should contain External authentication/authorization enabled, skipping the embedded users creation.
-     And container log should contain Make sure to configure the KIE_SERVER_CONTROLLER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,guest
-     And container log should contain Make sure to configure the KIE_SERVER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,guest
+     And container log should contain Make sure to configure the KIE_SERVER_CONTROLLER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,user
+     And container log should contain Make sure to configure the KIE_SERVER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,user
 
   Scenario: Check if eap users are not being created if LDAP is configured with no users env
     When container is started with env
       | variable                   | value         |
       | AUTH_LDAP_URL              | ldap://url:389|
     Then container log should contain External authentication/authorization enabled, skipping the embedded users creation.
-     And container log should contain Make sure to configure the KIE_SERVER_CONTROLLER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,guest
-     And container log should contain Make sure to configure the KIE_SERVER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,guest
+     And container log should contain Make sure to configure the KIE_SERVER_CONTROLLER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,user
+     And container log should contain Make sure to configure the KIE_SERVER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,user

tests/features/common/kie-kieserver-common.feature

@@ -110,7 +110,7 @@ Feature: Kie Server common features
      And file /opt/eap/standalone/configuration/application-users.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-users.properties should contain customExe=d2d5d854411231a97fdbf7fe6f91a786
-     And file /opt/eap/standalone/configuration/application-roles.properties should contain customExe=kie-server,rest-all,guest
+     And file /opt/eap/standalone/configuration/application-roles.properties should contain customExe=kie-server,rest-all,user
 
   Scenario: Check if eap users are not being created if SSO is configured
     When container is started with env
@@ -125,10 +125,10 @@ Feature: Kie Server common features
     Then file /opt/eap/standalone/configuration/application-users.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-users.properties should not contain customExe=d2d5d854411231a97fdbf7fe6f91a786
-     And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe=kie-server,rest-all,guest
+     And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe=kie-server,rest-all,user
      And container log should contain External authentication/authorization enabled, skipping the embedded users creation.
-     And container log should contain KIE_SERVER_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,guest
-     And container log should contain KIE_SERVER_CONTROLLER_USER is set to customCtl, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,guest
+     And container log should contain KIE_SERVER_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,user
+     And container log should contain KIE_SERVER_CONTROLLER_USER is set to customCtl, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,user
      And container log should contain KIE_ADMIN_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,admin,kiemgmt,Administrators
 
   Scenario: Check if eap users are not being created if LDAP is configured
@@ -144,10 +144,10 @@ Feature: Kie Server common features
     Then file /opt/eap/standalone/configuration/application-users.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain customCtl
      And file /opt/eap/standalone/configuration/application-users.properties should not contain customExe=d2d5d854411231a97fdbf7fe6f91a786
-     And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe=kie-server,rest-all,guest
+     And file /opt/eap/standalone/configuration/application-roles.properties should not contain customExe=kie-server,rest-all,user
      And container log should contain External authentication/authorization enabled, skipping the embedded users creation.
-     And container log should contain KIE_SERVER_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,guest
-     And container log should contain KIE_SERVER_CONTROLLER_USER is set to customCtl, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,guest
+     And container log should contain KIE_SERVER_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,user
+     And container log should contain KIE_SERVER_CONTROLLER_USER is set to customCtl, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,user
      And container log should contain KIE_ADMIN_USER is set to customExe, make sure to configure this user with the provided password on the external auth provider with the roles kie-server,rest-all,admin,kiemgmt,Administrators
 
   Scenario: Check if eap users are not being created if SSO is configured with no users env
@@ -156,8 +156,8 @@ Feature: Kie Server common features
       | SSO_URL                    | http://url    |
     Then container log should contain External authentication/authorization enabled, skipping the embedded users creation.
      And container log should contain Make sure to configure the KIE_MAVEN_USER user to interact with Business Central embedded maven server
-     And container log should contain Make sure to configure the KIE_SERVER_CONTROLLER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,guest
-     And container log should contain Make sure to configure the KIE_SERVER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,guest
+     And container log should contain Make sure to configure the KIE_SERVER_CONTROLLER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,user
+     And container log should contain Make sure to configure the KIE_SERVER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,user
      And container log should contain Make sure to configure a ADMIN user to access the Business Central with the roles kie-server,rest-all,admin,kiemgmt,Administrators
 
   Scenario: Check if eap users are not being created if LDAP is configured with no users env
@@ -166,8 +166,8 @@ Feature: Kie Server common features
       | AUTH_LDAP_URL              | ldap://url:389|
     Then container log should contain External authentication/authorization enabled, skipping the embedded users creation.
      And container log should contain Make sure to configure the KIE_MAVEN_USER user to interact with Business Central embedded maven server
-     And container log should contain Make sure to configure the KIE_SERVER_CONTROLLER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,guest
-     And container log should contain Make sure to configure the KIE_SERVER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,guest
+     And container log should contain Make sure to configure the KIE_SERVER_CONTROLLER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,user
+     And container log should contain Make sure to configure the KIE_SERVER_USER user to interact with KIE Server rest api with the roles kie-server,rest-all,user
      And container log should contain Make sure to configure a ADMIN user to access the Business Central with the roles kie-server,rest-all,admin,kiemgmt,Administrators
 
   Scenario: Check custom users are properly configured
@@ -194,7 +194,7 @@ Feature: Kie Server common features
      And file /opt/eap/standalone/configuration/application-users.properties should not contain controllerUser
      And file /opt/eap/standalone/configuration/application-roles.properties should not contain controllerUser
      And file /opt/eap/standalone/configuration/application-users.properties should contain executionUser=69ea96114cd41afa6a9d5be2e1e0531e
-     And file /opt/eap/standalone/configuration/application-roles.properties should contain executionUser=kie-server,rest-all,guest
+     And file /opt/eap/standalone/configuration/application-roles.properties should contain executionUser=kie-server,rest-all,user
 
   Scenario: Configure kie server to use LDAP authentication
     When container is started with env