Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Obfuscating form data

geoffb
Champ in-the-making
Champ in-the-making

‎07-02-2013 09:15 PM

I have created my own FormType for data fields that are sensitive, so that I can encrypt their values.   This works well for ACT_RU_VARIABLE and ACT_HI_VARINST.  What I can't figure out is how to have it encrypted in ACT_HI_DETAIL. 

The FormProperties are still stored in plain text.
Labels:
0 Kudos
5 REPLIES 5

trademak
Star Contributor
Star Contributor

‎07-03-2013 05:29 AM

Can you provide some more details about the FormType you've implemented?

Best regards,
0 Kudos

geoffb
Champ in-the-making
Champ in-the-making

‎07-03-2013 07:22 AM

I basically, just did this in my class that extends AbstractFormType

@Override
def convertFormValueToModelValue(String secretString) {
     return new SecretSerialisationType(secretString)
}
0 Kudos

frederikherema1
Star Contributor
Star Contributor

‎07-03-2013 07:39 AM

Instead of using a form-type, use a custom variable-type which stores the value encrypted and DON'T use form-properties, they will be always stored the way they come into the submitForm() method…

Another option, if form properties are required, is setting the history level high enough, so form-properties are not recorded…
0 Kudos

geoffbullen
Champ in-the-making
Champ in-the-making

‎07-03-2013 07:47 AM

What I really want is both to use a form type and to leave the same history level.

Is there a way I can modify how the history stores my particular form type?
0 Kudos

frederikherema1
Star Contributor
Star Contributor

‎07-03-2013 07:54 AM

Extract from SubmitStartFormCmd:

protected Object execute(CommandContext commandContext, TaskEntity task) {
    commandContext.getHistoryManager()
      .reportFormPropertiesSubmitted(task.getExecution(), properties, taskId);
   
    TaskFormHandler taskFormHandler = task.getTaskDefinition().getTaskFormHandler();
    taskFormHandler.submitFormProperties(properties, task.getExecution());
   
    task.complete();

    return null;
  }
The 'history record' is done using the RAW properties-map, as it is passed in. Since the record happens before the "TaskFormHandler" is called, it's also not an option to use a custom TaskFormHandler that alters the values in the properties-map.

The only way I see this working is either we move the "record" of history to after the TaskFormHandler has been executed, although there is no explicit use case for this, as the form-properties are intended to be stored in history as String's, unaffected by the property-type itself. Another way is to do the encryption in the layer above Activiti, if possible.

A solution that can be done without having to modify existing activiti-sourcecode is to create a subclass of the HistoryManager and provide your own factory for this to the processEngineConfiguration. You can override the "reportFormPropertiesSubmitted" method and alter the string-values before you call the super.reportFormPropertiesSubmitted(…).
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC