-
1. Re: JBPM5 /LDAP
npereira Jun 13, 2011 10:43 AM (in response to dandanlo)Hi,
This is an excelent question.
I'm also interested in seeing how jBPM5 is able to integrate with LDAP and if it will ever be able to do it?
Regards,
npereira
-
2. Re: JBPM5 /LDAP
onogue Jun 14, 2011 1:50 PM (in response to dandanlo)Hi,
It`s important to know if it is possible to integrate with Ldap.
I would appreciate information on this topic.
Thanks in advance,
onogue
-
3. Re: JBPM5 /LDAP
salaboy21 Jun 14, 2011 7:48 PM (in response to onogue)Hi There,
Yes is possible to integrate jBPM5 with LDAP. Right now jBPM5 keeps only a reference to the external users inside the Human Task Server.
The idea of keeping only the ID is to be able to integrate jBPM5 with any identity component. jBPM5 will work only with the IDs (just a string) and you as integrator will need to do the mappings with your exteranl identity component.
Greetings
-
4. Re: JBPM5 /LDAP
npereira Jun 15, 2011 9:35 AM (in response to salaboy21)Hi,
This is great news, thanks Salatino.
Is there an example that we might take a look?
Regards
-
5. Re: JBPM5 /LDAP
kirubagaran Jun 29, 2011 10:18 AM (in response to salaboy21)Hi Mauricio ,
Post some example , that might help us .... to design
Regards,
Kiru
-
6. Re: JBPM5 /LDAP
krisverlaenen Jun 30, 2011 9:14 PM (in response to npereira)jBPM does not want to manage the user / group relationship but rather have you integrate and existing service like LDAP to resolve this relationship. At this point, you need to register the valid user and group ids before assigning tasks to them (you could do this for example by registering all the valid users and groups in your user system once when setting up the human task service).
At runtime, when you query for tasks, or when doing certain operations, you can also specify which groups a user is part of. In the examples we usually use a predefined set of groupIds, but you could for example query your LDAP system for this information before doing the request.
Check out the humantask example in the jbpm-examples module, that shows some of that in action.Note that we're currently working on an improvement that will allow you to simply implement and register a callback interface for the human task service that will be used to look up valid user / group ids and to resolve user-group relationships. That should make it trivial in the future to register an integration with an LDAP service. Make sure to monitor https://issues.jboss.org/browse/JBPM-3276 for more information when it's integrated in the codebase.
Kris
-
7. Re: JBPM5 /LDAP
salaboy21 Jul 1, 2011 8:52 AM (in response to kirubagaran)Totally.. I will post one example as soon as I get some time to work on or as soon as I find a sponsor for that work. If you know one please let me know
-
8. Re: JBPM5 /LDAP
jackyxp Jul 4, 2011 11:46 PM (in response to dandanlo)Hi,
I am newbie to jBPM5 also. Our company planned to develop a workflow web application in house and we chosed jBPM5. So far the development on web application is good. One big issue is how to connect jBPM5 with our own user repository from LDAP or MySQL. The main requirement is jBPM5 send out email to approver which email is one of the attribute from user repository. Please kind help and suggest any reference or example so that we can complete the task. Thank you very much.
-
9. Re: JBPM5 /LDAP
deepak.singhvi Aug 28, 2012 6:30 AM (in response to krisverlaenen)Is there any complete example (step by step). All these are very confusion and takes no where,
Deepak
-
10. Re: JBPM5 /LDAP
deepak.singhvi Aug 28, 2012 7:50 AM (in response to deepak.singhvi)I did a try on the Evaluation.bpmn it worked for me.
Details are available here:
https://community.jboss.org/message/756421#
Deepak
-
11. Re: JBPM5 /LDAP
joploya Oct 25, 2012 9:01 AM (in response to dandanlo)Hi all,
I encounter difficulty to add LDAP auhentification with the Human Task web service. So I post on this thread and I hope I'm right.
So, I follow both of jbpm 5.3 documentation and the Maciej explanations here : http://mswiderski.blogspot.fr/2012/05/jbpm-53-brings-ldap-into-picture.html
In the human-task war I added a folder (service) : jbpm-human-task-war-5.3.0.Final.war\WEB-INF\classes\org\jbpm\task\service\
and paste a file : jbpm.usergroup.callback.properties, that contains the followings :
#ldap.bind.user= #ldap.bind.pwd= ldap.user.ctx=ou\=people,dc\=myJobDomain,dc\=com ldap.role.ctx=ou\=groups,dc\=myJobDomain,dc\=com ldap.user.filter=(uid\={0}) ldap.role.filter=(cn\={xxx}) ldap.user.roles.filter=(member\={0}) #ldap.user.attr.id= #ldap.roles.attr.id= java.naming.provider.url=ldap://ldap.myJob.com:389
I also modify the web.xml to :
<!-- use org.jbpm.task.service.DefaultUserGroupCallbackImpl to configure sample user group callback for demo purpose--> <init-param> <param-name>user.group.callback.class</param-name> <param-value>classpath:/org/jbpm/task/service/jbpm.usergroup.callback.properties</param-value> </init-param>
But when I deploy the war in jboss serveur it failed with a class not found message error as below :
Caused by: java.lang.ClassNotFoundException: classpath:/org/jbpm/task/service/jbpm.usergroup.callback.properties
Can anyone tell me what I do wrong please?
Regards
-
12. Re: JBPM5 /LDAP
swiderski.maciej Oct 25, 2012 9:05 AM (in response to joploya)init param value should be org.jbpm.task.service.LDAPUserGroupCallbackImpl and not the path to the property file.
HTH
-
13. Re: JBPM5 /LDAP
joploya Oct 25, 2012 9:53 AM (in response to swiderski.maciej)Thank you Maciej for this reply.
I will change to it, but I don't understand this syntaxe, I just understand that it is linked to the UserGroupCallback interface but how it works? Where should I put the file.properties so it can be retrieve in human-task.war?
Edit :
OK it works now.
I realized that the file property was in the human task CORE in the libs of human task war.
Regards,
-
14. Re: JBPM5 /LDAP
rehankhan Mar 19, 2013 9:26 AM (in response to joploya)hi sandra...i am facing some problems so can u send me that configuration and how to make changes in jxplorer or apache studio for ldap users.
n if possible than send me a source which you have change.
Thanks.