3 Replies Latest reply on Mar 24, 2006 11:49 AM by michaelholtzman

    V3.1 Authentication Model

    michaelholtzman
    michaelholtzman Mar 23, 2006 2:24 PM

      I recently looked at the security framework in 3.1, and I am a little confused. The interface org.jbpm.security.AuthenticationService does not include a method to set the authenticated actor id.

      That means I cannot do something like

      AuthenticationService authenticate = jbpmContext.getServices().getAuthenticationService();
authenticate.setActorId(someUserIdString);


      Is this an oversight, or am I missing something?

      Thanx.

      • 1575 Views
      • Tags:
        • 1. Re: V3.1 Authentication Model
          michaelholtzman
          michaelholtzman Mar 23, 2006 3:22 PM (in response to michaelholtzman)

          On a related note ...

          When I retrieve ProcessLogs for a process instance, the "actorId" field is always null. I expected that setting actorId on the JbpmContext would propagate into the process logs, but that doesn't seem to be the case.

          I need the log to include who (which actor) initiated a JBPM action (action in the generic sense, not a specific JBPM action).

          Thanx for any tips.

            • Actions
          • 2. Re: V3.1 Authentication Model
            tom.baeyens
            tom.baeyens Mar 24, 2006 5:01 AM (in response to michaelholtzman)

            The default authentication service is based on a thread local.

            You can set the actorId with the method JbpmContext.setActorId(String).

            You only should plug in a new authentication service in case you want the current actor to be obtained automatically from the environment like e.g. Subject.getSubject(...).

              • Actions
            • 3. Re: V3.1 Authentication Model
              michaelholtzman
              michaelholtzman Mar 24, 2006 11:49 AM (in response to michaelholtzman)

              That's exactly what I am doing:

              authenticate = jbpmContext.getServices().getAuthenticationService();
((DefaultAuthenticationService)authenticate).setActorId("whatever");
/* --snip --*/
jbpmContext.setActorId(SecurityHelper.getAuthenticatedActorId());


              Yet, when I get the logs, the actorId is null: 

              JbpmContext cx = Manager.jbpmConfiguration.createJbpmContext();
Map logs = cx.getLoggingSession().findLogsByProcessInstance(instanceId);
if (logs != null) {
 Set keys = logs.keySet();
 for (Iterator it = keys.iterator(); it.hasNext();) {
 Token tk = (Token)it.next();
 List pl = (List)logs.get(tk);
 for (Iterator lit = pl.iterator(); lit.hasNext();) {
 ProcessLog procLog = (ProcessLog)lit.next();
 user = procLog.getActorId();
 }
 }
}
cx.close();

              "user" always comes back null.


                • Actions