Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to make SSO works with Activiti and open am

penusila611621
Champ in-the-making
Champ in-the-making

‎11-12-2014 05:44 AM

Hi All,

I have configured the open am stuff as authentication mechanism to activiti explorer and activiti rest application.  this cofiguration is working as below

1) open am login page is thrown when I try to access activiti explorer url
2) again activiti explorer login page is coming up upon successful authentication in step 1
3) open am is running on tomocat & Activiti app & rest are running in separate jboss eap
4) both open am & activiti are pointed to same ldap through open dj ldap

I want activiti login page should be skipped of through sso mechanism. Please anybody let me know how to pass autheticated token to activiti app to use and skipe the login action.
Labels:
0 Kudos
6 REPLIES 6

penusila611621
Champ in-the-making
Champ in-the-making

‎11-12-2014 11:43 PM

any inputs please
0 Kudos

jbarrez
Star Contributor
Star Contributor

‎11-19-2014 05:40 PM

This is a very specific question … And my knowledge of openam is limited … But my gues is that you will need to override the default classes in explorer, to catch the unauthenticated user and redirect.
0 Kudos

penusila611621
Champ in-the-making
Champ in-the-making

‎11-20-2014 12:05 AM

Thanks jbarrez.

Have removed the existing authentication and coded openam specific and it's working fine.
0 Kudos

jbarrez
Star Contributor
Star Contributor

‎11-20-2014 03:52 AM

Perfect. Would be cool if you could describe a bit in detail the steps you did to get there!
0 Kudos

penusila611621
Champ in-the-making
Champ in-the-making

‎11-20-2014 04:10 AM

How to disable default auhtentication in Activiti rest
……………………………………………………………….
1. Implement RestAuthenticator.java by overrride requestRequiresAuthentication and isRequestAuthorized methods and make them to return always false.
2. if (authenticate() == false) line of code in all the rest api related resources will not attempt authentication because if(restAuthenticator != null && !restAuthenticator.requestRequiresAuthentication(request)) { piece of code in ActivitiRestApplication java class returnds true which make sure the line boolean authenticated = super.authenticate(request, response); never executes. This only only does the actual authentication in rest api

3. Corresponding classes in achieving the code should be overridden and web.xml should contain the extension class of ActivitiRestApplication

Now the openam part
………………………………
1.  Follow the below links to use open am authentication in rest application.
https://wikis.forgerock.org/confluence/display/openam/3+OpenAM+Server+Configuration#id-3OpenAMServer...
http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/jee-install-guide/index/chap-...

2. After following the steps given in the above links, any rest call tries to access rest application will go through the open am authentication web page


0 Kudos

jbarrez
Star Contributor
Star Contributor

‎12-05-2014 08:49 AM

Thank you for writing this down for the generations to come!
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC