Workflows started by unprivileged users hang

Steps to reproduce

Steps to reproduce:
1. create a group, which contains nearly all available roles (to simulate the old role ROLE_COURSE_ADMIN).
2. create an user and attached the user to the group and vice versa.
3. the user creates a series
4. the user uploads a short file and choose "Fast Workflow"

Actual Results:
The workflow remains in status "Pending". The log file shows continously the message

2016-04-28 13:39:47,463 | WARN | (ServiceRegistryJpaImpl:2258) - Service org.opencastproject.workflow@http://<admin>:8080 failed (500) accepting org.opencastproject.job.jpa.JpaJob@625947a1

Expected Results:
Workflow should run correclty

If we do the same procedure as "admin" the workflow starts immediately

Workaround (if any):


Lars Kiesow
May 20, 2016, 11:15 PM

I have problems with cleanup using the `fast` workflow.
The default workflow (admin ui default, not `full`) did complete without a problem

Ruth Lang
May 21, 2016, 2:31 AM

Sorry, my fault. I thought the default workflow is the "fast" one.
Your mentioned default workflow also complete without a problem.

Dietmar Zenker
May 31, 2016, 6:02 PM

Hi Ruth,

I don't know if you could fix the problem meanwhile, but I had realized the same problem with a special workflow based on the "fast" workflow, too...

The problem with the fast workflow and the unprivileged user is caused by the final cleanup operation step that deletes all including the security information, because nothing is defined for the "preserve-flavors" key:
<configuration key="preserve-flavors"></configuration>
If you add the following
<configuration key="preserve-flavors">security/*</configuration>
will fix the problem.
Alternatively, you could replace the cleanup workflow operation step by including ng-partial-cleanup.xml.

Greetings, Dietmar

Ruth Lang
May 31, 2016, 10:52 PM

Hi Dietmar,

we know about this workaround also. But still this only fixes the symptoms not the reasons.



Universität zu Köln

Regionales Rechenzentrum (RRZK)
Weyertal 121, Raum 4.08
D-50931 Köln
✆: +49-221-470-89618 <> <>

Sven Stauber
June 1, 2016, 7:57 PM

I've created a pull request to make sure that security/* is preserved in clean (see

Also, I've filed another issue describing the problem being workarounded:

Fixed and reviewed


Lars Kiesow


Sven Stauber


Incorrectly Functioning Without Workaround

Tags (folksonomy)



Fix versions

Affects versions