Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Making explorer multi tenant aware - Pointing explorer to multiple LDAPs

penusila611621
Champ in-the-making
Champ in-the-making

‎01-20-2015 08:27 AM

I have done the following changes to make explorer multi tenant aware as I needed very much.

1.  Extended DefaultLoginHandler java class and injected from activiti-standalone-context.xml and did the following customizations.
     1.1)  Changed the definition of injection of DefaultLoginHandler  in activiti-standalone-context.xml file as below

              <bean id="activitiLoginHandler" class="MyLoginHandler">  
                         <property name="identityService" ref="identityService" />
        <property name="myProcessEngineConfiguration" ref="processEngineConfiguration" /> <newline - injecting process engine       object>
                      <property name="tenantList" value="TENANT1,TENANT2,TENANT3"/> <new line - setting tenant ids>
           </bean>
     1.2)  In the setter method of MyLoginHandler, written the following lines to update the LDAP properties in run time. On engine bootstrap explorer connects to LDAP defined in the  activiti-standalone-context.xml. The following allows to change the LDAP connection at runtime

              List<ProcessEngineConfigurator> processEngineConfigurator = processEngineConfiguration.getAllConfigurators();
                 for(int i=0; i < processEngineConfigurator.size(); i++){
                    ldapConfigurator = (LDAPConfigurator) processEngineConfigurator.get(i);

    1.3) Defined the same set of tenant ids in a separate file in my local system and their LDAP configuration details against each tenant id
    1.4) In the method public LoggedInUserImpl authenticate(String userName, String password), reading the tenant LDAP details and setting the same to setter methods of LDAP object extracted in step 1.2. Fetching the right LDAP details for the tenant is determined through step 1.5
  1.5)  Typically using the link http://localhost:8080/activiti-explorer/ui/ to access the explorer. But to enforce tenant here, I am using the http://localhost:8080/activiti-explorer/ui?tenantID=TENANT1. Fetching the tenant ID from the request in public void onRequestStart(HttpServletRequest request, HttpServletResponse response) { method and setting to a global tenant id variable

1.6) So tenant id extracted from explorer url is used to determine the right LDAP config details from the property file



This way it's working fine for me and I want some Activiti experts validate my approach and looking for suggestions. I am not sure about the implications of injecting processEngineConfiguration object into my loginhandler class and using it there.


I need the explorer to work in multi tenant aware way for one of my use case.
Labels:
0 Kudos
2 REPLIES 2

jbarrez
Star Contributor
Star Contributor

‎01-21-2015 08:44 AM

Sounds allright. Don't like the fact you need tenantId in the url, but I see why. Other option could be to try all the ldap's one by one until one matches … that would give you your tenant id too. And you could cache that info (which user belongs to which tenant) too.
0 Kudos

atifraza
Champ in-the-making
Champ in-the-making

‎01-30-2015 02:28 AM

Most probably it works then. I actually did not try the upgrade mechanism, just looked at the code if it should work, and found no evidence, because I was expecting activiti to return with the activiti.mysql55.*.sql files in getResourceForDbOperation method, but now I can see you choose another solution.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC