Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Spring Boot Activiti Rest + LDAP but without using LDAP authentication

sayantan_sinha
Champ on-the-rise
Champ on-the-rise

‎05-30-2017 05:41 PM

I am new to activiti bpm (5.22.0 version 5.17.0 activiti-rest) and am using spring boot's activiti integration. I have not done much configuration just the basic maven pom dependencies and the standalone app works with basic authentication that Activiti provides out of the box.

Now I need to use LDAP to pull in user details and I have to exclude Activiti's authentication and also not perform LDAP authentication. The use for LDAP is to just pull in user details and do custom authorization via some token that I am generating as the user is already authenticated at this point.

Per my understanding, Activiti taps into LDAP to store these user info into it's own tables, is that correct? If yes, how would Activiti know what set of users to store? As I do not want all users in our LDAP to be stored by default.

Please help in understanding this.

Labels:
0 Kudos
5 REPLIES 5

gdharley
Elite Collaborator
Elite Collaborator

‎05-31-2017 03:14 PM

<snip>

Per my understanding, Activiti taps into LDAP to store these user info into it's own tables, is that correct? If yes, how would Activiti know what set of users to store? As I do not want all users in our LDAP to be stored by default.

</snip>

The users that are "cached" are based on the LDAP configuration.
Basically you will define the search base (baseDN) and filter (queryUserByUserId) to determine which user to "cache" in the Activiti tables.

As for Authentication. Activiti (Community Edition) uses straight Spring Authentication so you can add your own authentication filter or overload the LDAPUserManagerFactory and create a custom LDAPUserManager class that implements your own checkPassword() method.

Hope this helps,

Greg

0 Kudos

sayantan_sinha
Champ on-the-rise
Champ on-the-rise
In response to gdharley

‎05-31-2017 04:19 PM

Thanks for the detailed response. This does give some insight. However, I also would like to know how would I configure LDAP for activiti to use within a spring boot app. Is there any documentation for the same? I do not think the activiti user guide says much about this.

0 Kudos

gdharley
Elite Collaborator
Elite Collaborator
In response to sayantan_sinha

‎05-31-2017 04:36 PM

Yeah, the guide doesnt give much detail with respect to overriding security in Spring Boot/Activiti.
The good news is that it's just a standard Sprint Boot app with the standard overrides.

Check out the spring boot rest (with security config) example here:

Activiti/modules/activiti-spring-boot/spring-boot-samples/spring-boot-sample-rest-api-security at ma... 

Greg

0 Kudos

gauravkumar1382
Champ in-the-making
Champ in-the-making
In response to gdharley

‎08-07-2017 10:18 AM

Not able to access the link

0 Kudos

dougjohnson
Confirmed Champ
Confirmed Champ
In response to gauravkumar1382

‎08-07-2017 12:18 PM

I think Greg Harley‌ meant to use the 6.0-release branch:

Activiti/modules/activiti-spring-boot/spring-boot-samples/spring-boot-sample-rest-api-security at 6.... 

Hope that helps.

0 Kudos
Getting started

Explore our Alfresco products with the links below. Use labels to filter content by product module.

Copyright © 2024 Khoros, LLC