Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ProcessEngineConfiguration + LdapAdapter

desperado
Champ in-the-making
Champ in-the-making

‎04-12-2013 04:21 PM

Hello Activiti Community,

i just want to introduce myself before asking for any help.

About me:
———-

My name is Michael and i am c programmer ( shame on me 🙂 ).
So i'm new to the java world. Although i can follow object oriented languages like
c#,c++ and java, but i will have to spend a lot of time to know all about the tools and frameworks
the java world provides.

So, sorry if i wont use right terminologies or simply show a big lack of knowledge at some places.

So, here i go…

My Task:
——–

My first task i want to solve is an LdapAdapter for the Activiti Engine.

a:


I have already read some tutorials and even found some solutions like

http://aganeshreddy.wordpress.com/2012/10/17/managing-user-identity-using-custom-ldap-in-activiti-en...
http://leadsjava.blogspot.de/2013/03/activiti-ldap-integartion.html


b:


tutorials about,
spring bean injection…and all the stuff i think i should know about the basics about
what is going on in the task.


That would be enough to make my first step. But unfortunatelly there is a barrier i
simply cannot overcome.

My Problem:
———–

The ProcessEngine Configuration and the injection of the necessary stuff.
It might be trivial, but playing around the last days and weeks with different
Activiti Engines from 5.9 to 5.12 there seem to be a lot of changes.
Like the UserManager,GroupManager do not exist anymore ( i think they are renamed
now to UserEntityManager … correct me if i am wrong)
Finally i was not able in any version to configure the Process engine correctly and
get it to run.

My Goal:
——–

The setup and tools i use:

- tomcat 7.0.39 ( out of the box )
- Activiti Engine 5.12 ( simply deploying the wars into tomcat)
- LDAP Apache Directory Studio
- postgres DB

So, my first goal would be to implement like the given links, an LdapAdapter that
is able to authenticate users via ldapServer.
There are left some other topics like DB / Ldap synchronization

So, i would start from scratch, step by step and hope you can guide me where i am
going wrong.

But anyway, the thing where i am most interested in is, where to configure the
process Engine because i saw a lot of variants in the web, and none worked for me,
or maybe i made mistakes in all places, lets see, any help is appreciated.

Michael  Smiley Happy
Labels:
0 Kudos
6 REPLIES 6

desperado
Champ in-the-making
Champ in-the-making

‎04-14-2013 06:19 PM

Hello,

"finally" it was very simple, not to say trivial. ( after removing some issues with my browsers, library usage and some dozens combined minor things ).
Even if this will not be a new topic to you, i want to post a simple entry point to get started for others. I stripped it completely down to the really
needed stuff (nothing else, so far…)

Files:

* Java: Factory Class
* Java: UserEntityManager Child Class
* Java: LdapSetting Datastructure
* Java: LdapAdapter
* Configuration File: db.properties
* Configuration File: activiti-standalone-context.xml


//******************************************************************************
//* Author: Michael Hoffmann
//* Date  : 14.04.2013
//* File  : LdapUserManagerFactory.java
//******************************************************************************

package ldap;

//******************************************************************************
//* Dependencies
//******************************************************************************

import org.activiti.engine.impl.interceptor.Session;
import org.activiti.engine.impl.interceptor.SessionFactory;
import org.activiti.engine.impl.persistence.entity.UserEntityManager;

//******************************************************************************
//* Class Definition
//******************************************************************************

public class LdapUserManagerFactory implements SessionFactory {

    //————————————————————————–
    // Member
    //————————————————————————–

private LdapSetting ldapSetting;

LdapUserManagerFactory(LdapSetting ldapSetting)
{ this.ldapSetting = ldapSetting; }

    //————————————————————————–
    // Interface
    //————————————————————————–

@Override
public Class<?> getSessionType()
{ return UserEntityManager.class; }

@Override
public Session openSession()
{ return new LdapUserManager(ldapSetting); }

}


//******************************************************************************
//* Author: Michael Hoffmann
//* Date  : 14.04.2013
//* File  : LdapUserManager.java
//******************************************************************************

package ldap;

//******************************************************************************
//* Dependencies
//******************************************************************************

import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.NamingException;
import org.activiti.engine.impl.persistence.entity.UserEntityManager;

//******************************************************************************
//* Class Definition
//******************************************************************************

public class LdapUserManager extends UserEntityManager {

    //————————————————————————–
    // Member
    //————————————————————————–

    private static final Logger LOGGER =
    Logger.getLogger(LdapUserManager.class.getName());
   
    private LdapSetting ldapSetting;
    private LdapAdapter ldapAdapter;
   
    //————————————————————————–
    // Ctor
    //————————————————————————–
   
    public LdapUserManager(LdapSetting ldapSetting)
    {
      this.ldapSetting = ldapSetting;
      this.ldapAdapter = new LdapAdapter();
    }

    //————————————————————————–
    // Inheritance
    //————————————————————————–
   
    @Override
    public Boolean checkPassword(String userId, String password) {
       
        LOGGER.log(Level.INFO,"checking password…");
        String uid = "cn=" + userId +",ou=users,ou=system";
       
        try {
           
            ldapSetting.setSecurityPrincipal(uid);
            ldapSetting.setSecurityCredential(password);
           
            if(ldapAdapter.authenticate(ldapSetting))
            {
             ldapAdapter.close();
             LOGGER.log(Level.INFO,"LDAP authentication successful: " + uid);
             return true;
            }
        }
        catch (NamingException e)
        { e.printStackTrace(); }
      
        LOGGER.log(Level.INFO,"LDAP authentication failed: " + uid);
        return Boolean.FALSE;
    }
}


//******************************************************************************
//* Author: Michael Hoffmann
//* Date  : 14.04.2013
//* File  : LdapSetting.java
//******************************************************************************

package ldap;

//******************************************************************************
//* Dependencies
//******************************************************************************

// …

//******************************************************************************
//* Class Definition
//******************************************************************************

public class LdapSetting {

    //————————————————————————–
    // Member
    //————————————————————————–
   
    private String ldapUrl;
    private String ldapPort;
    private String securityAuthentication;
    private String securityCredential;
    private String securityPrincipal;
   
    //————————————————————————–
    // Getter
    //————————————————————————–
   
    public String getLdapUrl()
    { return ldapUrl; }
   
    public String getLdapPort()
    { return ldapPort; }

    public String getSecurityAuthentication()
    { return securityAuthentication; }
   
    public String getSecurityCredential()
    { return securityCredential; }
   
    public String getSecurityPrincipal()
    { return securityPrincipal; }

    //————————————————————————–
    // Setter
    //————————————————————————–
   
    public void setLdapUrl(String ldapUrl)
    { this.ldapUrl = ldapUrl; }
   
    public void setLdapPort(String ldapPort)
    { this.ldapPort = ldapPort; }

    public void setSecurityAuthentication(String securityAuthentication)
    { this.securityAuthentication = securityAuthentication; }
   
    public void setSecurityCredential(String securityCredential)
    { this.securityCredential = securityCredential; }
   
    public void setSecurityPrincipal(String securityPrincipal)
    { this.securityPrincipal = securityPrincipal; }
   
    // Additional Getter
    public String getProviderUrl()
    { return ldapUrl + ":" + ldapPort; }
   
}


//******************************************************************************
//* Author: Michael Hoffmann
//* Date  : 14.04.2013
//* File  : LdapAdapter.java
//******************************************************************************

package ldap;

//******************************************************************************
//* Dependencies
//******************************************************************************

import java.util.Hashtable;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;

//******************************************************************************
//* Class Definition
//******************************************************************************

public class LdapAdapter {

    //————————————————————————–
    // Member
    //————————————————————————–
   
    private final static String FACTORY =
    "com.sun.jndi.ldap.LdapCtxFactory";
   
    private static final Logger LOGGER =
    Logger.getLogger(LdapAdapter.class.getName());
   
    private Context context;
   
    //————————————————————————–
    // Ldap
    //————————————————————————–
   
    public boolean authenticate(LdapSetting ldapSetting) throws NamingException
    {
        LOGGER.log(Level.INFO,"try to connect");
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY,FACTORY);
        env.put(Context.PROVIDER_URL,ldapSetting.getProviderUrl());
        env.put(Context.SECURITY_AUTHENTICATION,ldapSetting.getSecurityAuthentication());
        env.put(Context.SECURITY_PRINCIPAL,ldapSetting.getSecurityPrincipal());
        env.put(Context.SECURITY_CREDENTIALS,ldapSetting.getSecurityCredential());

        context    = new InitialContext(env);
        LOGGER.log(Level.INFO,"connected");
        return context != null;
    }
   
    public void close() throws NamingException
    {
        context.close();
        LOGGER.log(Level.INFO,"connection closed");
    }
}



  Snippet: activiti-standalone-context.xml
  …

  <bean id="processEngineConfiguration" class="org.activiti.spring.SpringProcessEngineConfiguration">
   <property name="dataSource" ref="dataSource" />
   <property name="transactionManager" ref="transactionManager" />
   <property name="databaseSchemaUpdate" value="true" />
   <property name="jobExecutorActivate" value="true" />
    <property name="customFormTypes">
      <list>
        <bean class="org.activiti.explorer.form.UserFormType"/>
        <bean class="org.activiti.explorer.form.ProcessDefinitionFormType"/>
        <bean class="org.activiti.explorer.form.MonthFormType"/>  
      </list>
    </property>

<property name="customSessionFactories">
      <list>
        <bean class="ldap.LdapUserManagerFactory">
          <constructor-arg ref="LdapSettingBean" />
        </bean>
            </list>
    </property>

  </bean>
 
  <bean id="LdapSettingBean" class="ldap.LdapSetting">
    <property name="ldapUrl" value="ldap://localhost" />
    <property name="ldapPort" value="10389" />
    <property name="securityAuthentication" value="simple" />
  </bean>

  …

File: db.properties


db=postgresql
jdbc.driver=org.postgresql.Driver
jdbc.url=jdbc:smileytongue:ostgresql://localhost:5432/activiti
jdbc.username=postgres
jdbc.password=admin

As already mentioned, this is just an entry point to start supporting features of the Activiti Engine with Ldap-Context.

Michael
0 Kudos

jbarrez
Star Contributor
Star Contributor

‎04-15-2013 05:54 AM

Thanks for posting back on your own questions, much appreciated!
0 Kudos

sarkar92
Champ in-the-making
Champ in-the-making

‎04-19-2013 02:45 AM

Thanks for your valuable information.
I tried this solution in activiti 5.12 The method "CheckPassword" return true but user not Getting in his page. After "checkPassword" retur true its authenticated with LDAP but not logged-In
0 Kudos

desperado
Champ in-the-making
Champ in-the-making
In response to sarkar92

‎04-19-2013 03:10 AM

Well, if i understand correctly what you mean you should check out the following:

DB and LDAP must be synchonized, that means with the given source above the user must exist also in the database.
The Activiti Engine (AE) will do more operations like "findUserById" and other stuff which is not implemented.
Because of that the AE will search the authenticated user in its DB, where it may not find it, so the loggin fails. So, if you use a test database, just add your "testUser", then after the authentication the AE will loggin with that user.

Michael
0 Kudos

sanghaviamit
Champ in-the-making
Champ in-the-making
In response to desperado

‎08-14-2013 06:06 AM

Hi Michael,

I am new to Activiti BPM and am trying to integrate Activiti with ADS but only through activiti-standalone-context.xml configuration.

From your above post, Do you mean that every time I create a user in LDAP, I need to manually create new entry for user in the act_id_user table as well?

Thanks & Regards,
Amit




0 Kudos

sarkar92
Champ in-the-making
Champ in-the-making

‎04-19-2013 03:50 AM

Thanks
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC