
Authentication alternatives for REST Webapp

b_schnarr
Champ in-the-making
Hello all,

We have an Enterprise Content Management System and want to trigger the activiti rest services from that ECM system. The ECM application and the activiti rest webapp are using the same LDAP directory. The problem is that the rest services need username and password as basic authentication. When the user is logged into the ECM application, it is not possible to read out the password of the currently logged-in user. So we cannot send the login data to the rest webapp. Is there another possibility to send credentials to the rest services?

Thanks and best regards
Ben
23 REPLIES

muthaks
Champ in-the-making
Can you provide sample code for this, please? Why does the document exclude example code?

b_schnarr
Champ in-the-making
Thank you for your response. We want to use IBM-Tokens from an IBM WebSphere App Server for the authentication. Let's say that we are able to extract the User-Id from the IBM-Token in the RestAuthenticator. Is it sufficient to use the org.activiti.engine.impl.identity.Authentication.setAuthenticatedUserId()? Does the REST-API then know which user it is? If I understand it correctly, the REST-Authenticator works like a Servlet filter. The procedure would be:

1. Decrypt the IBM-Token in RestAuthenticator
2. Read out the user-id from the IBM-Cookie (Probably the LDAP CN Name)
3. Set this User-id with org.activiti.engine.impl.identity.Authentication.setAuthenticatedUserId()
4. Perform the REST-Request

Would this be enough that Activiti knows the current user?

Thank you very much
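
The check that has to succeed before step 3 of the procedure in the post above, as an added example that is not part of the original thread and is not Activiti or IBM code. The token layout `userId|expiryEpochSeconds|HMAC`, the class name `TokenUserResolver` and the demo key are constructed stand-ins for the real IBM token handling; the point is that the user id is taken only from a token whose integrity and expiry have been verified.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical helper: constructed token format, NOT the IBM token format.
public class TokenUserResolver {
    private final byte[] key;

    public TokenUserResolver(byte[] key) { this.key = key.clone(); }

    private byte[] mac(String payload) throws Exception {
        Mac m = Mac.getInstance("HmacSHA256");
        m.init(new SecretKeySpec(key, "HmacSHA256"));
        return m.doFinal(payload.getBytes(StandardCharsets.UTF_8));
    }

    // Issuer side (the ECM in this thread's scenario), included so the demo is self-contained.
    public String issue(String userId, long expiryEpochSeconds) throws Exception {
        String payload = userId + "|" + expiryEpochSeconds;
        return payload + "|" + Base64.getUrlEncoder().withoutPadding().encodeToString(mac(payload));
    }

    /** Returns the verified user id, or null if the token must be rejected. */
    public String resolveUser(String token, long nowEpochSeconds) {
        try {
            String[] parts = token.split("\\|", -1);
            if (parts.length != 3 || parts[0].isEmpty()) return null;
            byte[] presented = Base64.getUrlDecoder().decode(parts[2]);
            byte[] expected = mac(parts[0] + "|" + parts[1]);
            if (!MessageDigest.isEqual(expected, presented)) return null; // constant-time compare
            if (Long.parseLong(parts[1]) <= nowEpochSeconds) return null; // expired token
            return parts[0];
        } catch (Exception e) {
            return null; // malformed input is treated as an authentication failure
        }
    }

    public static void main(String[] args) throws Exception {
        TokenUserResolver r = new TokenUserResolver("constructed-demo-key".getBytes(StandardCharsets.UTF_8));
        long now = 1_700_000_000L; // constructed clock value
        String good = r.issue("alice", now + 300);
        String forged = good.replace("alice", "admin"); // user id changed, MAC left as is
        System.out.println("valid   -> " + r.resolveUser(good, now));
        System.out.println("forged  -> " + r.resolveUser(forged, now));
        System.out.println("expired -> " + r.resolveUser(good, now + 600));
    }
}
```

Only a non-null result would be handed to `Authentication.setAuthenticatedUserId()`; because that value is held per thread, a filter-style authenticator should reset it to `null` once the request has finished so a pooled thread does not carry one caller's identity into the next request.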

b_schnarr
Champ in-the-making
We want to use a special Token from ECM and the activiti api needs to know the initiator. Therefore, a technical user is not the solution. I followed exactly the documentation for rest, created a subclass of org.activiti.rest.service.application.ActivitiRestServicesApplication which implements the method from the RestAuthenticator interface. But this has no effect. What I figured out is that the web.xml gets overridden during the build. Therefore, I altered the web.xml after deployment and restarted the app. But even this does not work…

achadili
Champ in-the-making
I found this thread very interesting because I am thinking about the same issue: how to integrate external users with Activiti.
Did you guys finalize the solution? Please share the final design.

Thanks