Hyland Connect

predragp1 · ‎12-06-2010

I'm trying to integrate Activiti with custom application that use complex identity schema, user are saved in LDAP with "groups" created hierarchically following business domain.

I don't see easy way how to integrate Activiti with existing LDAP schema. So I have one question:

Why Activiti try to manage user identities, roles etc.. on his own, why just not provide generic interface (or something similar) for querying that information?

tombaeyens · ‎12-07-2010

the built-in identity tables are just to have an out of the box experience.
there is an interface like that. it's called IdentitySession. if you know what you're doing, you can try configuring your own SessionFactory in the sessionFactories, overwriting the default for IdentitySession.class.

having an LDAP implementation is on the roadmap but no guaranteed delivery date.

you can help us by sharing how your identity data is structured in your ldap.

predragp1 · ‎12-07-2010

Thanks Tom,

I was looking at IdentitySession together with User, Group, UserQuery and GroupQuery interfaces. It looks that I need to implement them and also to modify IdentitySessionFactory to use my implementations of this classes. That looks pretty straight forward.

I also have one more question: Do I need to implement methods in IdentitySession for creating, deleting, manging user and groups, if I don't plan to use activiti for that operation? (or I can just leave them empty)

Currently I started to do this with user/groups in database (small demo proof of concept application) letter on when I connect all to LDAP (AD) I'll send you code and LDAP structure of user and groups.

All best

jbarrez · ‎12-08-2010

No, you don't need to implement those methods if you don't use them. Just throw an operationNotSupportedException and you'll know soon enough 😉

Hyland Connect

Identity management