Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Workaround for LDAP?

jcosano
Champ in-the-making
Champ in-the-making

‎12-07-2010 06:18 AM

I wrote some post about It's important integration between Activiti and Ldap…  I know that for now is not in the main list of next features, and in roadmap appears 1 July…
I'm working with activiti and all result are very goods, but my company need choose its bpmn engine now, we have around 5000 users, and for us, integration with LDAP company is mandatory…

- is it possible prioritize this improvement? I read some post in forum asking about this.
- can I implement a workaround for access to my ldap, and wait for an official solution? is enough implement my customLdapIdentitySession ?
Labels:
0 Kudos
16 REPLIES 16

jbarrez
Star Contributor
Star Contributor

‎12-08-2010 03:34 AM

Yes, it is enough to implement your own version of the IdentitySession and add it to the sessionFactories or customSessionFactories of the processEngineConfiguration (or override the ProcessEngineFactoryBean if you'r using Spring)
0 Kudos

tombaeyens
Champ in-the-making
Champ in-the-making

‎12-08-2010 07:06 AM

post here as much info as possible on how you actually make the bridge.
1) how is your data structured in your ldap
2) how do you write the ldap queries for the identity session data
do you plan to use plain jndi, spring ldap or something else?

that information can speed things up for us to offer ldap support in the engine.
0 Kudos

tizo
Champ in-the-making
Champ in-the-making

‎12-09-2010 02:17 PM

Great!. This is exactly what I was looking for in post http://forums.activiti.org/en/viewtopic.php?f=3&t=484.

Now I wonder how can I use it. I see that ProcessEngineConfiguration has a setIdentityService method, but I don't know how to obtain the ProcessEngineConfiguration. The way I am building the engine is the following:

        wfEngine = new ProcessEngineBuilder()
                .configureFromResource("activiti.cfg.xml")
                .buildProcessEngine();

Or alternatively, is there a way to configure the identity service in the configuration file?

Thanks.
0 Kudos

jbarrez
Star Contributor
Star Contributor

‎12-13-2010 04:00 AM

Normally, there is no use in changing the IdentityService (unless for very specific use cases). If you have replaced the IdentitySession, all will work as expected.
0 Kudos

tizo
Champ in-the-making
Champ in-the-making

‎12-21-2010 08:46 AM

I have just started to make tests about this with Activiti 5.0 (instead 5.0 rc1).

Jbarrez, I can't yet figure out how to use my own IdentitySession. After reading carefully your post and looking at the source code, I think I should:

  • Implement my own IdentitySession: MyIdentitySession implementing IdentitySession and Session.

  • Implement a factory for MyIdentitySession: MyIdentitySessionFactory implementing SessionFactory.

  • When building the engine, I should do something like:
    •         ProcessEngineConfiguration processEngineConfiguration =
                    ProcessEngineConfiguration.createProcessEngineConfigurationFromResourceDefault();
            List<SessionFactory> customSessionFactories = new ArrayList<SessionFactory>();
            customSessionFactories.add(new MyIdentitySessionFactory());
            ((ProcessEngineConfigurationImpl)processEngineConfiguration).
                    setCustomSessionFactories(customSessionFactories);
            engine = processEngineConfiguration.buildProcessEngine();     And here comes my question. If ProcessEngineConfigurationImpl uses DbIdentitySessionFactory as one of its session factories, and I add a custom session factory for another IdentitySession, how do I tell the engine that use MyIdentitySession and not DbIdentitySession when it needs it?.
0 Kudos

jcosano
Champ in-the-making
Champ in-the-making

‎12-21-2010 09:13 AM

I'm following the same steps that tizo… (but I replace directly factories with my own implementation… for begin to test more quickly and after i would study best implementation for configure my own service and factory)

this is my idea: I would manage users, functional role and organizational role
BPMN Process: Associate tasks with functional role
After, I would have user associates with organizational role.
Sample:
Process SAMPLE: TASK1 (FR1), TASK2 (FR2)
OR1= FR1 & FR2
OR2= FR2
Peter is OR1, Mike is OR2
Target: peter can do task1, peter and mike can do task2

My target is make easy user/permission manegement for doing work. And I'm trying to do this with ldap.
0 Kudos

jcosano
Champ in-the-making
Champ in-the-making

‎12-23-2010 10:21 AM

What do you think about ldap queries?  jndi or spring ldap? or maybe UnboundID LDAP SDK
0 Kudos

andychoi
Champ in-the-making
Champ in-the-making

‎12-23-2010 04:42 PM

I have interest on this topic.
My team recently developed custom workflow java web application with LDAP integration.
LDAP is super easy and useful in corporation.
0 Kudos

lojian
Champ in-the-making
Champ in-the-making

‎12-24-2010 04:51 AM

agree. LDAP and AD(ActiveDirectory) is widely used in the enterprise, for example, for SingleSign-On.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC