
Issue with custom RestAuthenticator Using Rest 5.13

ganeshr
Champ in-the-making
Hi,
 
   I'm developing a custom REST application with custom REST services on top of activiti-rest 5.13. As we have integrated SiteMinder (SSO) in the application, all requests go through SiteMinder authentication using a cookie value passed from the client to the REST application. So I have removed the extra authentication for the activiti-rest services by customizing the ActivitiRestServicesApplication and created a custom restAuthenticator by overriding the methods requestRequiresAuthentication and isRequestAuthorized. By always returning false in the overriding method requestRequiresAuthentication of the restAuthenticator class, I'm removing the extra authentication. With this configuration I am able to remove authentication in the verify method, but the problem is that for each resource invocation the authenticate method is invoked again in the SecuredResource class and tries to retrieve the loggedInUser name.
Here is the piece of code getting invoked in ActivitiRestApplication,

<code>
public String authenticate(Request request, Response response) {
  if (!(request.getClientInfo().isAuthenticated())) {
    this.authenticator.challenge(response, false);
    return null;
  }
  return request.getClientInfo().getUser().getIdentifier();
}
</code>

So the issue I'm facing is that request.getClientInfo().getUser() always returns null, and because of this the REST service is not called. I'm not sure why request.getClientInfo().getUser() is returning null. For the new custom REST service I have used SecurityContext in the resource class and am able to retrieve the User Principal information. Could anyone help me achieve the same for the existing REST services?


12 REPLIES

penusila611621
Champ in-the-making
Is it possible for you to share the approach you followed to make explorer & rest LTPA & SSO aware? I am attempting the same with OpenAM. Appreciate your help if you could share some documents or info.

b_schnarr
Champ in-the-making
It was a network problem. Everything is ok. In general, this

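<code>
// Build a Restlet user that carries the user name taken from the SSO token
org.restlet.security.User restletUser = new org.restlet.security.User();
restletUser.setIdentifier(userName);
// Attach it to the request so request.getClientInfo().getUser() is no longer null
ClientInfo info = new ClientInfo();
info.setUser(restletUser);
request.setClientInfo(info);
</code>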

in combination with this:

<code>
Authentication.setAuthenticatedUserId(user.getId());
</code>

did the trick.

Best regards
Ben
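
The approach from the reply above, written out as a complete authenticator. This is an added example, not code from any poster or from the Activiti project. `SsoCookieRestAuthenticator`, `SsoTokenVerifier` and the cookie name are hypothetical, and the `RestAuthenticator` package is assumed to be `org.activiti.rest.common.filter`. The token is verified before the built-in authentication is skipped, so a missing or invalid cookie falls back to the normal challenge instead of being trusted.

```java
import org.activiti.engine.impl.identity.Authentication;
import org.activiti.rest.common.filter.RestAuthenticator; // assumed package
import org.restlet.Request;
import org.restlet.security.User;

public class SsoCookieRestAuthenticator implements RestAuthenticator {

  /** Hypothetical hook: checks the SSO token and returns the user id, or null if invalid. */
  public interface SsoTokenVerifier {
    String verifyAndGetUserId(String token);
  }

  private final String cookieName;         // e.g. the SSO session cookie (assumption)
  private final SsoTokenVerifier verifier; // wraps the SSO product's own validation

  public SsoCookieRestAuthenticator(String cookieName, SsoTokenVerifier verifier) {
    this.cookieName = cookieName;
    this.verifier = verifier;
  }

  @Override
  public boolean requestRequiresAuthentication(Request request) {
    // Clear any identity left on this thread by an earlier request.
    Authentication.setAuthenticatedUserId(null);

    String token = request.getCookies().getFirstValue(cookieName);
    String userId = (token == null) ? null : verifier.verifyAndGetUserId(token);
    if (userId == null || userId.trim().isEmpty()) {
      // Fail closed: no verified SSO identity, so keep the regular authentication.
      return true;
    }

    // Populate the Restlet user so getClientInfo().getUser() is not null later on.
    request.getClientInfo().setUser(new User(userId));
    // Tell the engine which user performs the REST operation.
    Authentication.setAuthenticatedUserId(userId);
    return false; // verified by SSO, skip the extra authentication
  }

  @Override
  public boolean isRequestAuthorized(Request request) {
    // Assumption: no additional authorization rule in this example.
    return true;
  }
}
```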

b_schnarr
Champ in-the-making
I have exactly the same issue. I followed the instructions here: http://forums.activiti.org/content/authentication-alternatives-rest-webapp
and populate the org.activiti.engine.impl.identity.Authentication.setAuthenticatedUserId() in the  boolean requestRequiresAuthentication(Request request) method, to let the engine know which user is performing the REST-operation:

1. Decrypt the SSO-Token in RestAuthenticator (this is possible with java and some keys)
2. Read out the user-id from the SSO-Cookie (Probably the LDAP CN Name)
3. Set this User-id with org.activiti.engine.impl.identity.Authentication.setAuthenticatedUserId()
4. Perform the REST-Request

Then I get the following nullpointer:

<code>
Caused by: java.lang.NullPointerException
at org.activiti.rest.common.application.ActivitiRestApplication.authenticate(ActivitiRestApplication.java:108)
at org.activiti.rest.common.api.SecuredResource.authenticate(SecuredResource.java:171)
at org.activiti.rest.common.api.SecuredResource.authenticate(SecuredResource.java:167)
at org.activiti.rest.service.api.repository.ProcessDefinitionCollectionResource.getProcessDefinitions(ProcessDefinitionCollectionResource.java:47)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.restlet.resource.ServerResource.doHandle(ServerResource.java:506)
… 62 more
</code>

This here returns null:

<code>
public String authenticate(Request request, Response response) {
    if (!request.getClientInfo().isAuthenticated()) {
      authenticator.challenge(response, false);
      return null;
    }
    return request.getClientInfo().getUser().getIdentifier();
  }
</code>

Even though I set the user id. I want to achieve an SSO based on LTPA. Therefore, I extract the user id from the request and set the user-id. Could I simply add a try-catch? How can I avoid this nullpointer in this situation?

Best regards
Ben