Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Setup User / Group Management using SSO into External system

hardik_thakkar1
Champ in-the-making
Champ in-the-making

‎06-09-2014 04:14 AM

Hello there,

We have decided to use Activiti as BPM in our new project. We would like to setup user and group management to external system which is SSO engine of our organisation.

We have decided to use below approach-

- We would be using activiti-rest to interact with Activiti engine and decided to write custom wrapper on this rest services. So, before   accessing them all authentication and authorization activities should be handled using our SSO engine.

Is this possible approach? If yes, how to customize it?

This system has hundreds of groups and thousands of users, I believe Activiti is capable to handle them.

Any response on this would be much appreciated.
Labels:
0 Kudos
7 REPLIES 7

hardik_thakkar1
Champ in-the-making
Champ in-the-making

‎06-09-2014 04:54 AM

Thanks Ben for your response.

I think this solution should work for authenticating user to interact with activiti-rest.

What about to manage users and groups in external system (In our case, SSO Engine) instead of managing them in Activiti DB.
0 Kudos

b_schnarr
Champ in-the-making
Champ in-the-making

‎06-09-2014 05:43 AM

We solved this by using a LDAP-directory.
0 Kudos

hardik_thakkar1
Champ in-the-making
Champ in-the-making

‎06-10-2014 04:34 AM

LDAP would not work in our case as we have separate application for managing users and groups instead LDAP directory.

I read somewhere that we need to write custom Identity Services if we would like to manage users and groups in external system. Is this correct? If yes, is there any example of it how to customize identity services?

Any help much appreciated.
0 Kudos

martin_grofcik
Confirmed Champ
Confirmed Champ

‎06-11-2014 04:16 AM

Hi Hardik,

You are right:
http://forums.activiti.org/content/override-default-identity-session-implementation


Regards
Martin
0 Kudos

hardik_thakkar1
Champ in-the-making
Champ in-the-making

‎07-08-2014 01:31 AM

Thanks a lot for your replies.

So that is clear to me that I have to customize UserEntityManeger and GroupEntityManager. But how to configure them in activiti-config.xml so my customized classes will be used by default instead of existing classes.

Please revert.
0 Kudos

martin_grofcik
Confirmed Champ
Confirmed Champ

‎07-09-2014 12:46 AM

Hi Hardik.
If you want to change User/GroupEntityManagers you have to set them in org.activiti.engine.impl.cfg.ProcessEngineConfigurationImpl#sessionFactories

Regards
Martin
0 Kudos

b_schnarr
Champ in-the-making
Champ in-the-making

‎09-30-2015 08:58 AM

Hi,

maybe this post helps you : http://forums.activiti.org/content/authentication-alternatives-rest-webapp

Best regards
Ben
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC