ProcessEngineConfiguration + LdapAdapter
04-12-2013 04:21 PM
Hello Activiti Community,
I just want to introduce myself before asking for any help.
About me:
---------
My name is Michael and I am a C programmer ( shame on me 🙂 ).
So I'm new to the Java world. Although I can follow object-oriented languages like
C#, C++ and Java, I will have to spend a lot of time getting to know all the tools and frameworks
the Java world provides.
So, sorry if I don't use the right terminology or simply show a big lack of knowledge in some places.
So, here I go…
My Task:
--------
The first task I want to solve is an LdapAdapter for the Activiti Engine.
a:
--
I have already read some tutorials and even found some solutions like
http://aganeshreddy.wordpress.com/2012/10/17/managing-user-identity-using-custom-ldap-in-activiti-en...
http://leadsjava.blogspot.de/2013/03/activiti-ldap-integartion.html
…
b:
--
tutorials about,
Spring bean injection… and all the stuff I think I should know about the basics of
what is going on in the task.
That would be enough to make my first step. But unfortunately there is a barrier I
simply cannot overcome.
My Problem:
-----------
The ProcessEngine configuration and the injection of the necessary stuff.
It might be trivial, but after playing around over the last days and weeks with different
Activiti Engines from 5.9 to 5.12, there seem to be a lot of changes.
For example, the UserManager and GroupManager do not exist anymore ( I think they are renamed
now to UserEntityManager … correct me if I am wrong).
In the end I was not able, in any version, to configure the process engine correctly and
get it to run.
My Goal:
--------
The setup and tools I use:
- tomcat 7.0.39 ( out of the box )
- Activiti Engine 5.12 ( simply deploying the wars into tomcat)
- LDAP Apache Directory Studio
- postgres DB
So, my first goal would be to implement, like the given links, an LdapAdapter that
is able to authenticate users via an LDAP server.
Some other topics are left, like DB / LDAP synchronization.
So, I would start from scratch, step by step, and hope you can guide me where I am
going wrong.
But anyway, the thing I am most interested in is where to configure the
process engine, because I saw a lot of variants on the web and none worked for me,
or maybe I made mistakes in all places. Let's see, any help is appreciated.
Michael
6 REPLIES 6
04-14-2013 06:19 PM
Hello,
"Finally" it was very simple, not to say trivial (after removing some issues with my browsers, library usage and some dozens of combined minor things).
Even if this will not be a new topic to you, I want to post a simple entry point for others to get started. I stripped it completely down to the really
needed stuff (nothing else, so far…)
Files:
* Java: Factory Class
* Java: UserEntityManager Child Class
* Java: LdapSetting Datastructure
* Java: LdapAdapter
* Configuration File: db.properties
* Configuration File: activiti-standalone-context.xml
//******************************************************************************
//* Author: Michael Hoffmann
//* Date : 14.04.2013
//* File : LdapUserManagerFactory.java
//******************************************************************************
package ldap;

//******************************************************************************
//* Dependencies
//******************************************************************************
import org.activiti.engine.impl.interceptor.Session;
import org.activiti.engine.impl.interceptor.SessionFactory;
import org.activiti.engine.impl.persistence.entity.UserEntityManager;

//******************************************************************************
//* Class Definition
//******************************************************************************
public class LdapUserManagerFactory implements SessionFactory {
    //--------------------------------------------------------------------------
    // Member
    //--------------------------------------------------------------------------
    private LdapSetting ldapSetting;

    LdapUserManagerFactory(LdapSetting ldapSetting)
    { this.ldapSetting = ldapSetting; }

    //--------------------------------------------------------------------------
    // Interface
    //--------------------------------------------------------------------------
    @Override
    public Class<?> getSessionType()
    { return UserEntityManager.class; }

    @Override
    public Session openSession()
    { return new LdapUserManager(ldapSetting); }
}
//******************************************************************************
//* Author: Michael Hoffmann
//* Date : 14.04.2013
//* File : LdapUserManager.java
//******************************************************************************
package ldap;

//******************************************************************************
//* Dependencies
//******************************************************************************
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.NamingException;
import org.activiti.engine.impl.persistence.entity.UserEntityManager;

//******************************************************************************
//* Class Definition
//******************************************************************************
public class LdapUserManager extends UserEntityManager {
    //--------------------------------------------------------------------------
    // Member
    //--------------------------------------------------------------------------
    private static final Logger LOGGER =
        Logger.getLogger(LdapUserManager.class.getName());
    private LdapSetting ldapSetting;
    private LdapAdapter ldapAdapter;

    //--------------------------------------------------------------------------
    // Ctor
    //--------------------------------------------------------------------------
    public LdapUserManager(LdapSetting ldapSetting)
    {
        this.ldapSetting = ldapSetting;
        this.ldapAdapter = new LdapAdapter();
    }

    //--------------------------------------------------------------------------
    // Inheritance
    //--------------------------------------------------------------------------
    @Override
    public Boolean checkPassword(String userId, String password) {
        LOGGER.log(Level.INFO, "checking password…");
        String uid = "cn=" + userId + ",ou=users,ou=system";
        // A simple bind with an empty password is treated as an anonymous
        // bind and can succeed for any user id, so reject it before binding.
        if (password == null || password.isEmpty()) {
            LOGGER.log(Level.INFO, "LDAP authentication failed: " + uid);
            return Boolean.FALSE;
        }
        try {
            ldapSetting.setSecurityPrincipal(uid);
            ldapSetting.setSecurityCredential(password);
            if (ldapAdapter.authenticate(ldapSetting))
            {
                ldapAdapter.close();
                LOGGER.log(Level.INFO, "LDAP authentication successful: " + uid);
                return Boolean.TRUE;
            }
        }
        catch (NamingException e)
        { LOGGER.log(Level.WARNING, "LDAP bind error", e); }
        LOGGER.log(Level.INFO, "LDAP authentication failed: " + uid);
        return Boolean.FALSE;
    }
}
//******************************************************************************
//* Author: Michael Hoffmann
//* Date : 14.04.2013
//* File : LdapSetting.java
//******************************************************************************
package ldap;

//******************************************************************************
//* Dependencies
//******************************************************************************
// …

//******************************************************************************
//* Class Definition
//******************************************************************************
public class LdapSetting {
    //--------------------------------------------------------------------------
    // Member
    //--------------------------------------------------------------------------
    private String ldapUrl;
    private String ldapPort;
    private String securityAuthentication;
    private String securityCredential;
    private String securityPrincipal;

    //--------------------------------------------------------------------------
    // Getter
    //--------------------------------------------------------------------------
    public String getLdapUrl()
    { return ldapUrl; }
    public String getLdapPort()
    { return ldapPort; }
    public String getSecurityAuthentication()
    { return securityAuthentication; }
    public String getSecurityCredential()
    { return securityCredential; }
    public String getSecurityPrincipal()
    { return securityPrincipal; }

    //--------------------------------------------------------------------------
    // Setter
    //--------------------------------------------------------------------------
    public void setLdapUrl(String ldapUrl)
    { this.ldapUrl = ldapUrl; }
    public void setLdapPort(String ldapPort)
    { this.ldapPort = ldapPort; }
    public void setSecurityAuthentication(String securityAuthentication)
    { this.securityAuthentication = securityAuthentication; }
    public void setSecurityCredential(String securityCredential)
    { this.securityCredential = securityCredential; }
    public void setSecurityPrincipal(String securityPrincipal)
    { this.securityPrincipal = securityPrincipal; }

    // Additional Getter
    public String getProviderUrl()
    { return ldapUrl + ":" + ldapPort; }
}
//******************************************************************************
//* Author: Michael Hoffmann
//* Date : 14.04.2013
//* File : LdapAdapter.java
//******************************************************************************
package ldap;

//******************************************************************************
//* Dependencies
//******************************************************************************
import java.util.Hashtable;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;

//******************************************************************************
//* Class Definition
//******************************************************************************
public class LdapAdapter {
    //--------------------------------------------------------------------------
    // Member
    //--------------------------------------------------------------------------
    private final static String FACTORY =
        "com.sun.jndi.ldap.LdapCtxFactory";
    private static final Logger LOGGER =
        Logger.getLogger(LdapAdapter.class.getName());
    private Context context;

    //--------------------------------------------------------------------------
    // Ldap
    //--------------------------------------------------------------------------
    public boolean authenticate(LdapSetting ldapSetting) throws NamingException
    {
        LOGGER.log(Level.INFO, "try to connect");
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, ldapSetting.getProviderUrl());
        env.put(Context.SECURITY_AUTHENTICATION, ldapSetting.getSecurityAuthentication());
        env.put(Context.SECURITY_PRINCIPAL, ldapSetting.getSecurityPrincipal());
        env.put(Context.SECURITY_CREDENTIALS, ldapSetting.getSecurityCredential());
        context = new InitialContext(env);
        LOGGER.log(Level.INFO, "connected");
        return context != null;
    }

    public void close() throws NamingException
    {
        context.close();
        LOGGER.log(Level.INFO, "connection closed");
    }
}
Snippet: activiti-standalone-context.xml
…
<bean id="processEngineConfiguration" class="org.activiti.spring.SpringProcessEngineConfiguration">
    <property name="dataSource" ref="dataSource" />
    <property name="transactionManager" ref="transactionManager" />
    <property name="databaseSchemaUpdate" value="true" />
    <property name="jobExecutorActivate" value="true" />
    <property name="customFormTypes">
        <list>
            <bean class="org.activiti.explorer.form.UserFormType"/>
            <bean class="org.activiti.explorer.form.ProcessDefinitionFormType"/>
            <bean class="org.activiti.explorer.form.MonthFormType"/>
        </list>
    </property>
    <property name="customSessionFactories">
        <list>
            <bean class="ldap.LdapUserManagerFactory">
                <constructor-arg ref="LdapSettingBean" />
            </bean>
        </list>
    </property>
</bean>
<bean id="LdapSettingBean" class="ldap.LdapSetting">
    <property name="ldapUrl" value="ldap://localhost" />
    <property name="ldapPort" value="10389" />
    <property name="securityAuthentication" value="simple" />
</bean>
…
File: db.properties
db=postgresql
jdbc.driver=org.postgresql.Driver
jdbc.url=jdbc:postgresql://localhost:5432/activiti
jdbc.username=postgres
jdbc.password=admin
As already mentioned, this is just an entry point to start supporting features of the Activiti Engine with Ldap-Context.
Michael
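A hardened variant of the bind performed by checkPassword and LdapAdapter above, as an added example that is not part of the original post: it escapes the user id before placing it in the DN, refuses empty passwords (which a simple bind treats as anonymous), and builds a fresh JNDI environment per call instead of mutating the single LdapSetting bean shared by every session. The class name LdapBind and its constructor argument are hypothetical; the base DN is the one used in the post.

```java
package ldap;

import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.Rdn;

// Hypothetical helper (added example): one LDAP simple bind per call, no shared state.
public final class LdapBind {
    private static final String FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    private static final String USER_BASE = "ou=users,ou=system"; // base DN used in the post
    private final String providerUrl; // e.g. ldap://localhost:10389

    public LdapBind(String providerUrl) { this.providerUrl = providerUrl; }

    // Build the user's DN with the attribute value escaped, so that characters
    // such as ',' '+' '=' or '\' in userId cannot alter the DN structure.
    static String userDn(String userId) {
        return "cn=" + Rdn.escapeValue(userId) + "," + USER_BASE;
    }

    // Returns true only if the directory accepted this DN with this password.
    public boolean authenticate(String userId, String password) throws NamingException {
        // Empty credentials would turn the simple bind into an anonymous bind.
        if (userId == null || userId.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }
        // Fresh environment per call: concurrent logins never see each other's
        // principal or password, unlike a shared, mutable settings bean.
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, FACTORY);
        env.put(Context.PROVIDER_URL, providerUrl);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDn(userId));
        env.put(Context.SECURITY_CREDENTIALS, password);
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env); // performs the bind
            return true;
        } catch (AuthenticationException e) {
            return false; // wrong DN or password; other NamingExceptions propagate
        } finally {
            if (ctx != null) { ctx.close(); }
        }
    }
}
```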
04-15-2013 05:54 AM
Thanks for posting back on your own questions, much appreciated!
04-19-2013 02:45 AM
Thanks for your valuable information.
I tried this solution in Activiti 5.12. The method "checkPassword" returns true, but the user is not getting to his page. After "checkPassword" returns true, it is authenticated with LDAP but not logged in.
04-19-2013 03:10 AM
Well, if I understand correctly what you mean, you should check out the following:
DB and LDAP must be synchronized; that means that with the given source above the user must also exist in the database.
The Activiti Engine (AE) will do more operations like "findUserById" and other stuff which is not implemented.
Because of that, the AE will search for the authenticated user in its DB, where it may not find it, so the login fails. So, if you use a test database, just add your "testUser"; then after the authentication the AE will log in with that user.
Michael
08-14-2013 06:06 AM
Hi Michael,
I am new to Activiti BPM and am trying to integrate Activiti with ADS but only through activiti-standalone-context.xml configuration.
From your above post, do you mean that every time I create a user in LDAP, I need to manually create a new entry for the user in the act_id_user table as well?
Thanks & Regards,
Amit
04-19-2013 03:50 AM
Thanks