1.1 LDAP Configuration using XML
1.2 LDAP Configuration XML User Test
1.3 LDAP Configuration XML Group Test
2.1 LDAP Configuration using Annotations
2.2 LDAP Configuration Annotations User Test
2.3 LDAP Configuration Annotations Group Test
1.1 LDAP Configuration using XML
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
<bean id="processEngineConfiguration" class="org.activiti.engine.impl.cfg.StandaloneProcessEngineConfiguration">
<property name="jdbcUrl" value="jdbc:h2:mem:activiti;DB_CLOSE_DELAY=1000" />
<property name="jdbcDriver" value="org.h2.Driver" />
<property name="jdbcUsername" value="sa" />
<property name="jdbcPassword" value="" />
<property name="history" value="full" />
<property name="databaseSchemaUpdate" value="true" />
<property name="jobExecutorActivate" value="true" />
<property name="configurators">
<list>
<bean class="org.activiti.ldap.LDAPConfigurator">
<!-- Server connection params -->
<property name="server" value="ldap://localhost" />
<property name="port" value="10389" />
<property name="user" value="uid=admin,ou=system" />
<property name="password" value="secret" />
<!-- Query params -->
<property name="baseDn" value="" />
<property name="queryUserByUserId" value="(&(objectClass=inetOrgPerson)(uid={0}))" />
<property name="queryUserByFullNameLike" value="(&(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))" />
<property name="queryGroupsForUser" value="(&(objectClass=groupOfUniqueNames)(uniqueMember={0}))" />
<!-- Attribute config -->
<property name="userIdAttribute" value="uid" />
<property name="userFirstNameAttribute" value="cn" />
<property name="userLastNameAttribute" value="sn" />
<property name="groupIdAttribute" value="cn" />
<property name="groupNameAttribute" value="cn" />
</bean>
</list>
</property>
</bean>
</beans>
1.2 LDAP Configuration XML Test
package com.nuke.activiti.ldap;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import org.activiti.engine.identity.User;
import org.activiti.engine.test.ActivitiRule;
import org.junit.Rule;
import org.junit.Test;
import com.nuke.activiti.common.AbstractTest;
public class LDAPUserTest extends AbstractTest {
@Rule
public ActivitiRule activitiRule = new ActivitiRule("activiti.cfg.xml");
@Test
public void testCheckLogin() {
boolean validated = activitiRule.getIdentityService().checkPassword("kermit", "kermit");
assertTrue(validated);
}
@Test
public void testCheckLoginFailure() {
boolean validated = activitiRule.getIdentityService().checkPassword("kermit", "kermit2");
assertFalse(validated);
}
@Test
public void findUserById() throws Exception {
User user = activitiRule.getIdentityService().createUserQuery().userId("kermit").singleResult();
assertNotNull(user);
assertEquals("kermit", user.getId());
assertEquals("kermit", user.getLastName());
}
}
1.3 LDAP Configuration XML Group Test
package com.nuke.activiti.ldap;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import java.util.List;
import org.activiti.engine.identity.Group;
import org.activiti.engine.test.ActivitiRule;
import org.junit.Rule;
import org.junit.Test;
import com.nuke.activiti.common.AbstractTest;
public class LDAPGroupTest extends AbstractTest {
@Rule
public ActivitiRule activitiRule = new ActivitiRule("activiti.cfg.xml");
@Test
public void findGroupByMember() throws Exception {
List<Group> groupList = activitiRule.getIdentityService().createGroupQuery().groupMember("kermit").list();
for (Group group : groupList){
System.out.println(group.getName());
}
assertNotNull(groupList);
assertEquals(3, groupList.size());
}
}
2.1 LDAP Configuration using Annotations
package com.nuke.ldap;
import org.activiti.ldap.LDAPConfigurator;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
@Configuration
public class LDAPConfiguration {
@Bean
public LDAPConfigurator LDAPConfig(){
LDAPConfigurator ldapConfig = new LDAPConfigurator();
ldapConfig.setServer("localhost");
ldapConfig.setPort(10389);
ldapConfig.setUser("uid=admin,ou=system");
ldapConfig.setPassword("secret");
ldapConfig.setBaseDn("");
ldapConfig.setQueryUserByUserId("(&(objectClass=inetOrgPerson)(uid={0}))");
ldapConfig.setQueryUserByFullNameLike("(&(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))");
ldapConfig.setQueryGroupsForUser("(&(objectClass=groupOfUniqueNames)(uniqueMember={0}))");
ldapConfig.setUserIdAttribute("uid");
ldapConfig.setUserFirstNameAttribute("cn");
ldapConfig.setUserLastNameAttribute("sn");
ldapConfig.setGroupIdAttribute("cn");
ldapConfig.setGroupNameAttribute("cn");
return ldapConfig;
}
}
package com.nuke.config;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import javax.persistence.EntityManagerFactory;
import javax.sql.DataSource;
import org.activiti.engine.ProcessEngineConfiguration;
import org.activiti.engine.cfg.ProcessEngineConfigurator;
import org.activiti.engine.impl.HistoryServiceImpl;
import org.activiti.engine.impl.IdentityServiceImpl;
import org.activiti.engine.impl.ManagementServiceImpl;
import org.activiti.engine.impl.RepositoryServiceImpl;
import org.activiti.engine.impl.RuntimeServiceImpl;
import org.activiti.engine.impl.TaskServiceImpl;
import org.activiti.engine.impl.cfg.ProcessEngineConfigurationImpl;
import org.activiti.engine.impl.history.HistoryLevel;
import org.activiti.engine.test.ActivitiRule;
import org.activiti.ldap.LDAPConfigurator;
import org.activiti.spring.SpringProcessEngineConfiguration;
import org.activiti.spring.annotations.AbstractActivitiConfigurer;
import org.activiti.spring.annotations.EnableActiviti;
import org.apache.commons.dbcp.BasicDataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.orm.jpa.JpaTransactionManager;
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import com.nuke.ldap.LDAPConfiguration;
@Configuration
@EnableActiviti
@EnableTransactionManagement(proxyTargetClass = true)
@Import({LDAPConfiguration.class})
//@PropertySource("file:conf/lc-merged.properties")
public class ActivitConfiguration {
@Autowired
LDAPConfigurator ldapConfigurator;
@Bean
public DataSource inMemoryDataSource() {
BasicDataSource basicDataSource = new BasicDataSource();
basicDataSource.setUsername("sa");
basicDataSource.setUrl("jdbc:h2:mem:activiti");
basicDataSource.setDefaultAutoCommit(false);
basicDataSource.setDriverClassName(org.h2.Driver.class.getName());
basicDataSource.setPassword("");
return basicDataSource;
}
@Bean
public LocalContainerEntityManagerFactoryBean entityManagerFactoryBean(DataSource inMemoryDataSource) {
LocalContainerEntityManagerFactoryBean localContainerEntityManagerFactoryBean = new LocalContainerEntityManagerFactoryBean();
localContainerEntityManagerFactoryBean.setDataSource(inMemoryDataSource);
localContainerEntityManagerFactoryBean.setPackagesToScan(new String[]{"com.nuke.model"});
localContainerEntityManagerFactoryBean.setPersistenceUnitName("nuke");
HibernateJpaVendorAdapter jpaVendorAdapter = new HibernateJpaVendorAdapter();
jpaVendorAdapter.setGenerateDdl(false);
jpaVendorAdapter.setShowSql(false);
jpaVendorAdapter.setDatabasePlatform("org.hibernate.dialect.H2Dialect");
localContainerEntityManagerFactoryBean.setJpaVendorAdapter(jpaVendorAdapter);
return localContainerEntityManagerFactoryBean;
}
@Bean
public PlatformTransactionManager jpaTransactionManager(EntityManagerFactory entityManagerFactoryBean) {
return new JpaTransactionManager(entityManagerFactoryBean);
}
@Value("${LC_NUKE_MAIL_HOST}")
private String mailHost;
@Value("${LC_NUKE_MAIL_USERNAME}")
private String mailUsername;
@Value("${LC_NUKE_MAIL_PASSWORD}")
private String mailServerPassword;
@Bean
public AbstractActivitiConfigurer abstractActivitiConfigurer(final EntityManagerFactory entityManagerFactoryBean, final PlatformTransactionManager jpaTransactionManager) {
return new AbstractActivitiConfigurer() {
@Override
public void postProcessSpringProcessEngineConfiguration(SpringProcessEngineConfiguration engine) {
engine.setDatabaseType("h2");
engine.setDataSource(inMemoryDataSource());
engine.setTransactionManager(jpaTransactionManager);
engine.setJpaEntityManagerFactory(entityManagerFactoryBean);
engine.setJpaHandleTransaction(true);
engine.setJobExecutorActivate(true);
engine.setJpaCloseEntityManager(false);
engine.setMailServerDefaultFrom("nucleus@lc.com");
engine.setMailServerHost(mailHost);
engine.setMailServerPort(587);
engine.setMailServerUsername(mailUsername);
engine.setMailServerPassword(mailServerPassword);
engine.setMailServerUseSSL(true);
engine.setMailServerUseTLS(true);
engine.setRepositoryService(repositoryService());
engine.setTaskService(taskService());
engine.setManagementService(managementService());
engine.setRuntimeService(runtimeService());
engine.setIdentityService(identityService());
engine.setHistoryService(historyService());
engine.setHistoryLevel(HistoryLevel.AUDIT);
Resource[] processResources = new Resource[1] ;
Resource underwritingQueueProcess = new ClassPathResource("diagrams/underwriting_queue.bpmn");
processResources[0]=underwritingQueueProcess;
engine.setDeploymentResources(processResources);
engine.setConfigurators(new ArrayList<ProcessEngineConfigurator>(Arrays.asList(ldapConfigurator)));
engine.setDatabaseSchemaUpdate(ProcessEngineConfiguration.DB_SCHEMA_UPDATE_TRUE);
}
};
}
@Bean
public RepositoryServiceImpl repositoryService(){
RepositoryServiceImpl repositoryService = new RepositoryServiceImpl();
return repositoryService;
}
@Bean
public TaskServiceImpl taskService(){
TaskServiceImpl taskService = new TaskServiceImpl();
return taskService;
}
@Bean
public ManagementServiceImpl managementService(){
ManagementServiceImpl managementService = new ManagementServiceImpl();
return managementService;
}
@Bean
public RuntimeServiceImpl runtimeService(){
RuntimeServiceImpl runtimeService = new RuntimeServiceImpl();
return runtimeService;
}
@Bean
public HistoryServiceImpl historyService(){
HistoryServiceImpl historyService = new HistoryServiceImpl();
return historyService;
}
@Bean
public IdentityServiceImpl identityService(){
IdentityServiceImpl identityService = new IdentityServiceImpl();
return identityService;
}
@Bean
public ActivitiRule activityRule(ProcessEngineConfigurationImpl abstractActivitiConfigurer){
ActivitiRule activityRule = new ActivitiRule();
activityRule.setProcessEngineConfiguration(abstractActivitiConfigurer);
return activityRule;
}
}
2.2 LDAP Configuration Annotations User Test
package com.nuke.activiti.ldap;
import static org.junit.Assert.*;
import org.activiti.engine.identity.User;
import org.activiti.engine.test.ActivitiRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import com.nuke.config.ActivitConfiguration;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes=ActivitConfiguration.class)
public class SpringLDAPUserTest {
@Autowired
@Rule
public ActivitiRule activitiSpringRule;
@Test
public void testCheckLogin() {
boolean validated = activitiSpringRule.getIdentityService().checkPassword("kermit", "kermit");
assertTrue(validated);
}
@Test
public void testCheckLoginFailure() {
boolean validated = activitiSpringRule.getIdentityService().checkPassword("kermit", "kermit2");
assertFalse(validated);
}
@Test
public void findUserById() throws Exception {
User user = activitiSpringRule.getIdentityService().createUserQuery().userId("kermit").singleResult();
assertNotNull(user);
assertEquals("kermit", user.getId());
assertEquals("kermit", user.getLastName());
}
}
2.3 LDAP Configuration Annotations Group Test
package com.nuke.activiti.ldap;
import static org.junit.Assert.*;
import java.util.List;
import org.activiti.engine.identity.Group;
import org.activiti.engine.test.ActivitiRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import com.nuke.config.ActivitConfiguration;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes=ActivitConfiguration.class)
public class SpringLDAPGroupTest {
@Autowired
@Rule
public ActivitiRule activitiSpringRule;
@Test
public void findGroupByMember() throws Exception {
List<Group> groupList = activitiSpringRule.getIdentityService().createGroupQuery().groupMember("kermit").list();
for (Group group : groupList){
System.out.println(group.getName());
}
assertNotNull(groupList);
assertEquals(3, groupList.size());
}
}
Thys Michels Blog 
Great tutorials, and how about those resources file “diagrams/underwriting_queue.bpmn” and “activiti-cfg.xml” ,even more source code can be download?
Thanks,
Yangbo
Hello Thys Michels, excuse me but i have a problem and maybe you can help me. In my corporation we have two different ldap servers, server1 and server2 and we need to authenticate against server1 and if user is not there then authenticate against server 2. I had been searching for some solution but seems that nobody has this problem. Can you give me a light about how can a solve this problem. Thanks a lot.
Hello Mr. I am looking for a way to access Active via LDAP, thank you, I have read this files (Which you wrote) but I did not know how to use these files! Can you help me to understand the way? thanks
Reblogged this on أوراق الورد الجوري.