-
-
2. Re: Regarding jbpm-identity
Hi,
If you have figured this out, do let me know. We are trying to use jbpm with our own data source/LDAP. The rules of assignment will also probably be customized at some point(i.e extending ExpressionAssignmentHandler)
What we want to do is load the users/groups/roles from the company's LDAP and assign tasks based on the hierarchy in that. This could vary for each company who uses this application (process def could be slightly different for each company).
Also we would like the assignments to be dynamic. Based on the number of steps in the process, we would need to provide for different number of participants/groups in the app. This is where I'm thinking we'll need to extend the ExpressionAssignmentHandler.
First of all, am I thinking in the right direction?
If anyone could give a brief overview of the tasks involved in substituting the datasource (or point me to some resources) that would be great. I have read the documentation a number of times (and the forums too), but I'm not completely clear on all the things that need to be done.
Please let me know if I need to provide more information.
Thanks so much,
lg -
3. Re: Regarding jbpm-identity
I need to be able to use my own database for users also - no idea how to go about this, the documentation does nor seem to cover it.
-
4. Re: Regarding jbpm-identity
I to have been wrestling with this for some time now.
I commented out the identities references in the Hibernate config (as directed by the documentation) and my app has now developed a problem where the class loader cannot find an AssignmentHandler file that previously worked fine.<swimlane name="Approver"> <assignment class="xxxx.DecisionMakerAssignmentHandler"> </assignment> </swimlane>
09:47:07,959 ERROR [Delegation] couldn't load delegation class 'xxxx.DecisionMakerAssignmentHandler' java.lang.ClassNotFoundException: class 'xxxx.DecisionMakerAssignmentHandler' could not be found by the process classloader
Section 11.11 from the Reference Manual stating "jBPM includes an optional identity component that can be easily replaced by a company's own identity data store" is just not working out like planned.
- If you remove it, other things break.
MG -
5. Re: Regarding jbpm-identity
"MGarl10024" wrote:
Section 11.11 from the Reference Manual stating "jBPM includes an optional identity component that can be easily replaced by a company's own identity data store" is just not working out like planned.
- If you remove it, other things break.
MG
The identitity datamodel which you implement must provide three primary components.
1. USER - key, name, password
2. ROLE - key, rolename (There must be a role for every swimlane you specify in your diagram, this is the problem in your case)
3. USERROLE - this is the tricky bit.
Every USERROLE must have a combination of a valid user and a valid role, and provide the means for the JDBCUserRealm implementation you choose (tomcat, jetty, jboss, etc) to lookup these associations. The one for tomcat is documented on the wiki. Here's the config I use for jetty's org.mortbay.jetty.security.JDBCUserRealm:usertable: JBPM_ID_USER
usertablekey: ID_
usertableuserfield: NAME_
usertablepasswordfield: PASSWORD_
roletable: JBPM_ID_GROUP
roletablekey: ID_
roletablerolefield: NAME_
userroletable: JBPM_ID_MEMBERSHIP
userroletableuserkey: USER_
userroletablerolekey: GROUP_
Note how I am using the default tables which are provided with the jbpm identity mechanism, but the specification of the keys and fields is the critical bit for the jbpm-console to do the lookups through the provided Realm.
Unfortunately, the tomcat wiki pages are not clear enough about the fact that one must provide a complete JDBCUserRealm, with every field mapped, for things to work.
