topic Re: How to make SSO works with Activiti and open am in Alfresco Archive

How to make SSO works with Activiti and open am

penusila611621 — Wed, 12 Nov 2014 10:44:48 GMT

Hi All,I have configured the open am stuff as authentication mechanism to activiti explorer and activiti rest application. this cofiguration is working as below1) open am login page is thrown when I try to access activiti explorer url2) again activiti explorer login page is coming up upon successfu

Re: How to make SSO works with Activiti and open am

penusila611621 — Thu, 13 Nov 2014 04:43:40 GMT

any inputs please

Re: How to make SSO works with Activiti and open am

jbarrez — Wed, 19 Nov 2014 22:40:17 GMT

This is a very specific question … And my knowledge of openam is limited … But my gues is that you will need to override the default classes in explorer, to catch the unauthenticated user and redirect.

Re: How to make SSO works with Activiti and open am

penusila611621 — Thu, 20 Nov 2014 05:05:42 GMT

Thanks jbarrez.

Have removed the existing authentication and coded openam specific and it's working fine.

Re: How to make SSO works with Activiti and open am

jbarrez — Thu, 20 Nov 2014 08:52:50 GMT

Perfect. Would be cool if you could describe a bit in detail the steps you did to get there!

Re: How to make SSO works with Activiti and open am

penusila611621 — Thu, 20 Nov 2014 09:10:16 GMT

How to disable default auhtentication in Activiti rest
……………………………………………………………….
1. Implement RestAuthenticator.java by overrride requestRequiresAuthentication and isRequestAuthorized methods and make them to return always false.
2. if (authenticate() == false) line of code in all the rest api related resources will not attempt authentication because if(restAuthenticator != null && !restAuthenticator.requestRequiresAuthentication(request)) { piece of code in ActivitiRestApplication java class returnds true which make sure the line boolean authenticated = super.authenticate(request, response); never executes. This only only does the actual authentication in rest api

3. Corresponding classes in achieving the code should be overridden and web.xml should contain the extension class of ActivitiRestApplication

Now the openam part
………………………………
1. Follow the below links to use open am authentication in rest application.
https://wikis.forgerock.org/confluence/display/openam/3+OpenAM+Server+Configuration#id-3OpenAMServerConfiguration-CreatingAWebAgent
http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/jee-install-guide/index/chap-jboss-7.html

2. After following the steps given in the above links, any rest call tries to access rest application will go through the open am authentication web page

Re: How to make SSO works with Activiti and open am

jbarrez — Fri, 05 Dec 2014 13:49:50 GMT

Thank you for writing this down for the generations to come!