1 Reply Latest reply on May 31, 2007 10:38 AM by kukeltje

    Swimlanes, Assignment and Active Directory Integration

    belthazor
    belthazor May 31, 2007 5:15 AM

      Hi,

      I'm kind of new to the JBoss / JBPM world. I successfully managed to set up the Getting Started version. I also managed to set up authentication with Active Directory.

      Here's my config:

      <application-policy name = "jbpm">
 <authentication>
 <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
 <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
 <module-option name="java.naming.provider.url">ldap://chbasvvm703/</module-option>
 <module-option name="java.naming.security.authentication">simple</module-option>
 <module-option name="principalDNPrefix"></module-option>
 <module-option name="uidAttributeID">sAMAccountName</module-option>
 <module-option name="principalDNSuffix">@hapimag.local</module-option>
 <module-option name="baseCtxDN">OU=HAPIMAG,DC=hapimag,DC=local</module-option>
 <module-option name="rolesCtxDN">OU=HAPIMAG,DC=hapimag,DC=local</module-option>
 <module-option name="roleAttributeID">memberOf</module-option>
 <module-option name="roleNameAttributeID">cn</module-option>
 <module-option name="roleAttributeIsDN">true</module-option>
 <module-option name="roleRecursion">-1</module-option>
 <module-option name="searchTimeLimit">5000</module-option>
 <module-option name="searchScope">SUBTREE_SCOPE</module-option>
 </login-module>
 </authentication>
</application-policy>


      I now want to create a process. I did just like I was told in the "Getting started" guide and created the process states, transitions and swimlanes, then creating tasks, add the required properties and fields, etc.

      The guide tells me to use something like "user(bert)" as assignment expression for the swimlane. Unfortunately, even if bert is a user in my Active Directory and has the appropriate roles, JBpm tells me: "Couldn't resolve assignment expression 'user(bert)'."

      I read the chapter "11.3 Assignement" from the manual (http://docs.jboss.com/jbpm/v3/userguide/taskmanagement.html) but I did not get it.
      Do I have to code my own identity module or what are my next steps?
      What I thought about when I started was that I could use something like "role(it-people)" and that jBpm would read from Active Directory and do the assignment.

      Could anyone please point me into the right direction!
      Thanks in advance

      Belthazor




      • 2812 Views
      • Tags:
        • 1. Re: Swimlanes, Assignment and Active Directory Integration
          kukeltje
          kukeltje May 31, 2007 10:38 AM (in response to belthazor)

          Yes, the jboss authentication and the jbpm identity module are two separate solutions. In the starterkit they both refer to the same database. So if you change the jboss login to AD, that has not relation at all to the identity module.

          There have been some requests to have an ldap based identity module as well, but AD is ,with regard to the roles, another issue. So yes, you have to write your own.

          The JBoss Portal 2.6 has an ldap based identity module and combining that with jBPM would be an interesting solution. But... that should not require you to use the full portal. Maybe it should become a separate project but that is up to JBoss. I can only try to influence that to a small extend.

            • Actions