
[RESOLVED] Spring authentication issue in 5.11

aduarte
Champ in-the-making
Hi everybody,

I have an application based on Spring Framework/Hibernate/Vaadin, split into different layers (Repositories, Services, Views). I've secured my service methods with @PreAuthorize annotations.
I use the Activiti engine to automate some treatments: I design workflows with the Activiti Designer Eclipse Plug-In with Java service tasks, and I call my application services inside them to do some treatments.
Another thing to know is that I start Activiti processes in a thread authenticated as admin (to avoid rights problems with secured service methods). This is how I do it:
public void run() {
    super.run();
    securityUtility.authenticateAs(Constants.ADMIN_USER, Constants.ADMIN_PASSWORD);

    RuntimeService runtimeService = processEngine.getRuntimeService();
    runtimeService.startProcessInstanceByKey(processId, variables);
}

Here is my authenticateAs method:
public Authentication authenticateAs(String username, String password) {
    ProviderManager providerManager = (ProviderManager) applicationContext.getBean("authenticationManager");
    Authentication authentication = providerManager.authenticate(new UsernamePasswordAuthenticationToken(username, password));
    SecurityContextHolder.getContext().setAuthentication(authentication);
    return authentication;
}

It has always worked very well and did everything I wanted until I upgraded to 5.11.

Now I get some security exceptions when the Activiti service task tries to call my secure service method:
org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext

The strange thing is that some service tasks are working and some others are not (for example, the first and the second are working but not the third). It looks like I lost the authentication during the workflow.

Does anyone know of a change related to that in 5.11?
7 REPLIES

aduarte
Champ in-the-making
It is not related to the thread, because if I start the process directly from my app, I still get the problem.

Thanks for helping

frederikherema1
Star Contributor
Are the service-tasks asynchronous? From what I remember, the security-context is stored thread-local. So as long as the same thread is used (and context is not cleared), this should be working all the time, or am I missing something?
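
The thread-local behaviour described in the reply above, as an added example that is not code from the thread or from Activiti. It assumes spring-security-core on the classpath and the default holder strategy; the class name, the `runAs` and `currentUser` helpers, and the "admin"/ROLE_ADMIN values are hypothetical. It shows that an Authentication set on one thread is not visible on another, and restores the caller's context afterwards so the admin identity does not stay on a reused thread.

```java
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;

public class ThreadLocalSecurityContextDemo {

    /** Runs work with the given Authentication, then restores the caller's previous context. */
    static <T> T runAs(Authentication auth, Callable<T> work) throws Exception {
        SecurityContext previous = SecurityContextHolder.getContext();
        SecurityContext scoped = SecurityContextHolder.createEmptyContext();
        scoped.setAuthentication(auth);
        SecurityContextHolder.setContext(scoped);
        try {
            return work.call();
        } finally {
            // Always undo the elevation, even if the work throws.
            SecurityContextHolder.setContext(previous);
        }
    }

    /** Name of the current thread's principal, or "none" if no Authentication is set. */
    static String currentUser() {
        Authentication a = SecurityContextHolder.getContext().getAuthentication();
        return a == null ? "none" : a.getName();
    }

    public static void main(String[] args) throws Exception {
        // Constructed, already-authenticated token; "admin" and ROLE_ADMIN are placeholders.
        Authentication admin = new UsernamePasswordAuthenticationToken(
                "admin", "n/a", AuthorityUtils.createAuthorityList("ROLE_ADMIN"));
        ExecutorService pool = Executors.newSingleThreadExecutor();
        Callable<String> probe = ThreadLocalSecurityContextDemo::currentUser;
        try {
            String[] seen = runAs(admin, () -> new String[] {
                    currentUser(),              // evaluated on the thread that called runAs
                    pool.submit(probe).get() }); // evaluated on the pool thread
            System.out.println("same thread:  " + seen[0]);
            System.out.println("other thread: " + seen[1]);
            System.out.println("after runAs:  " + currentUser());
        } finally {
            pool.shutdown();
        }
    }
}
```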

aduarte
Champ in-the-making
My service tasks are not asynchronous. I want to execute them in sequence. When a task is finished, the next starts.
I read something about the thread-local security context and I tried to fix my issue by setting the context in INHERITABLETHREADLOCAL strategy mode, but nothing changed.

Some news about my investigations:
I went back to Activiti 5.10 in my pom.xml and replaced my workflow with an old version => everything is OK.
But when I open the workflow with the designer (5.11) and just move the startevent 1 pixel to the left => the problem comes back.
I compared the two files opening them in xml format and I see some changes:
isExecutable="true" has been added by the designer and "manualTask" has been replaced by "task"

frederikherema1
Star Contributor
That could explain a lot… a manual-task will behave differently than a regular task? Is there a reason why you're using manual-tasks instead of user task or service task?

aduarte
Champ in-the-making
I put a manualTask at the beginning of all my processes in order to persist the process in the database, because I read that when you start a process it is not persisted until a manualTask/userTask… and endEvent I imagine.

But calls to my application services are done in service tasks.

This is the beginning of my process, to explain that: http://hpics.li/c3a7c34

frederikherema1
Star Contributor

/**
 * Implementation of the BPMN 2.0 'manual task': a task that is external to the
 * BPMS and to which there is no reference to IT systems whatsoever.
 *
 * Given this definition, this activity will behave simply as a pass-through step
 * in the process.
 *
 * @author Joram Barrez
 */

Only wait-states will persist the process; the manual-task will just pass through, not persisting… Not really sure why you want your process persisted, while it could still be rolled back by an error in the subsequent service-tasks?

aduarte
Champ in-the-making
Ok, I think I misread something. Removing the manual task at the beginning fixes my issue.
I need to run some tests, because I think I put that manual task there to fix a problem with getting some process variables in a specific case (it has been a long time and I don't remember exactly which problem I was facing, but someone told me to add the manual task as a trick).

Thanks a lot for your help. I will test whether everything is OK and mark the topic as resolved.