https://connect.hyland.com/t5/alfresco-archive/explorer-and-sso-custom-role-provider/m-p/9316#M3284 <HTML><HEAD></HEAD><BODY><SPAN>Hi,</SPAN><BR /><BR /><SPAN>I am looking to integrate the process explorer into our current infrastructure. We have a company-wide SSO based on CAS for authentication and an authorization webservice that must be used to return the user's current roles for an application. </SPAN><BR /><BR /><SPAN>In term of process explorer flexibility i was wondering if the following is achievable:</SPAN><BR /><BR /><SPAN>1) no longer use the rest api for user login but assume that by the time the user reaches the web interface he will have already been logged in by the sso</SPAN><BR /><SPAN>2) similarly, all user roles and groups should not be retrieved through the rest api but fetched through our webservice</SPAN><BR /><SPAN>3) process explorer uses rest api for all process interaction IIUC. Can it be modified to not do this and just do direct database interaction via a configured process engine via a datasource ? This would remove the need for implementing system-to-system authentication on the process explorer for the rest access, something which is possible in our SSO but quite heavyweight (involves SSL, proxy granting tickets etc).</SPAN><BR /><BR /><SPAN>Also i was wondering what the strategy is of the REST api in general ? Is it going to play more and more a pivotal role for all activiti solutions and will it become mandatory at some point or will you always consider it to be optional for using the activiti webapps ?</SPAN><BR /><BR /><SPAN>Thanks for any insights !</SPAN><BR /><SPAN>Jorg</SPAN></BODY></HTML> Wed, 23 Feb 2011 15:34:48 GMT heymjo 2011-02-23T15:34:48Z https://connect.hyland.com/t5/alfresco-archive/explorer-and-sso-custom-role-provider/m-p/9316#M3284 Hi,I am looking to integrate the process explorer into our current infrastructure. We have a company-wide SSO based on CAS for authentication and an authorization webservice that must be used to return the user's current roles for an application. In term of process explorer flexibility i was wonderi Wed, 23 Feb 2011 15:34:48 GMT https://connect.hyland.com/t5/alfresco-archive/explorer-and-sso-custom-role-provider/m-p/9316#M3284 heymjo 2011-02-23T15:34:48Z https://connect.hyland.com/t5/alfresco-archive/explorer-and-sso-custom-role-provider/m-p/9317#M3285 <HTML><HEAD></HEAD><BODY><SPAN>we don't have the authentication pluggability in the explorer.</SPAN><BR /><BR /><SPAN>there is pluggability for the identity data.&nbsp; search for identitysession and identitysessionfactory in the userguide and in the code.</SPAN><BR /><BR /><SPAN>rest will always be optional.&nbsp; some webapps currently depend on it.&nbsp; in the future we expect that maybe less webapps will depend on the rest api.</SPAN></BODY></HTML> Fri, 25 Feb 2011 10:52:48 GMT https://connect.hyland.com/t5/alfresco-archive/explorer-and-sso-custom-role-provider/m-p/9317#M3285 tombaeyens 2011-02-25T10:52:48Z