I am trying to test the new feature of LDAP integration for Activiti 5.13. The instructions talk about the dependency of activiti-ldap. It appears that this JAR file is not part of the distribution.
1. Where do I get activiti-ldap.jar 2. is it possible to have seperate baseDN for 'Users' and 'Groups', for eg. baseDN o=xyzcorp for 'Users' o=xyzcorpAPPS for 'Groups'
If possible, please upload the Activiti LDAP Integration example for Activiti version 5.13. I am happy that Activiti team now provides LDAP integration out-of-the-box. LDAP integration is the key factor which drives the workflow for BPM products like Activiti. Each organization has their own model in setting and scaling LDAP tree for enterprise. In our case, we use Novell E-Directory. I have been fairly successful in integrating LDAP with Activiti Engine version 5.12.1. However getting it working with Activiti-Explorer wasn't a smooth ride by any means, still a bumpy road. I don't want sound negative here. May be I am missing something with respect to session / user cache for Activiti Explorer.
2. No, currently it's only possible to have the same baseDn. However, the goal of the ldap code is to get you started, you should be able to take the code and tweak it the way you need. But I'll add the option to choose baseDN for both.
4. The user cache is removed from the 5.13 version of the Explorer for that exact reason. I used the config as above to hook up my ldap with Explorer and was able to login with ldap credentials and fetch its groups.
Thanks for the reply. Appreciated. On point 1, yes I have downloaded the JAR and source as well. On point 2, sure, I will take the code and tweak it. On point 3, I will follow that example.. On point 4, Thanks for the update.
Thanks for the information. I've different request which i wanted to highlight to this forum.
1) I've configured AD with Activity Explorer successfully.
2) When logon to Activiti Explorer, it does checkPassword() - for validating user-id/password. this behavior is very basic and it does normally. 3) then immediately LDAPUserManager. findUserByQueryCriteria 4) then LDAPGroupManager.findGroupByQueryCriteria and this internally gets users findGroupsByUser 5) can we do some tuning on the above method calls…? for bpm engine and activiti-explorer, the above method calls are mandatory. but still i feel those are expensive methods.
suppose if i use a custom application and wanted to do only authentication then the above methods are unnecessary.
anyhow just thought to ask.. sorry if my question is stupid to ask.
