1.1 LDAP Configuration using XML
1.2 LDAP Configuration XML User Test
1.3 LDAP Configuration XML Group Test
2.1 LDAP Configuration using Annotations
2.2 LDAP Configuration Annotations User Test
2.3 LDAP Configuration Annotations Group Test
1.1 LDAP Configuration using XML
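<?xml version="1.0" encoding="UTF-8"?>
<!--
  Standalone Activiti process engine on an in-memory H2 database, with the LDAP
  configurator plugged in through the "configurators" list.

  The ampersands in the LDAP filter attributes below are written as &amp;amp; because a
  bare ampersand inside an attribute value is not well-formed XML and the file would
  not parse.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">

  <bean id="processEngineConfiguration" class="org.activiti.engine.impl.cfg.StandaloneProcessEngineConfiguration">

    <!-- In-memory H2 with the "sa" user and an empty password: test fixture only. -->
    <property name="jdbcUrl" value="jdbc:h2:mem:activiti;DB_CLOSE_DELAY=1000" />
    <property name="jdbcDriver" value="org.h2.Driver" />
    <property name="jdbcUsername" value="sa" />
    <property name="jdbcPassword" value="" />

    <property name="history" value="full" />
    <property name="databaseSchemaUpdate" value="true" />
    <property name="jobExecutorActivate" value="true" />

    <property name="configurators">
      <list>
        <bean class="org.activiti.ldap.LDAPConfigurator">

          <!-- Server connection params -->
          <!--
            NOTE(review): ldap:// is an unencrypted connection, so the bind password below
            and any password checked through the identity service would cross the wire in
            clear text. Acceptable against localhost; for a remote directory use an
            ldaps:// URL or StartTLS (confirm what the LDAP module version in use supports).
          -->
          <property name="server" value="ldap://localhost" />
          <property name="port" value="10389" />
          <!--
            Sample bind account for a local test directory, stored in clear text in this
            file. Outside a local test, bind with a dedicated read-only account and supply
            the password from outside the file (for example a property placeholder).
          -->
          <property name="user" value="uid=admin,ou=system" />
          <property name="password" value="secret" />

          <!-- Query params -->
          <!-- An empty base DN is used here; narrow it to the subtree that holds users and groups where possible. -->
          <property name="baseDn" value="" />
          <!--
            NOTE(review): the {n} placeholders are presumably filled with caller-supplied
            values such as the login id. Verify that the LDAP module version in use escapes
            filter metacharacters before substitution.
          -->
          <property name="queryUserByUserId" value="(&amp;(objectClass=inetOrgPerson)(uid={0}))" />
          <property name="queryUserByFullNameLike" value="(&amp;(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))" />
          <property name="queryGroupsForUser" value="(&amp;(objectClass=groupOfUniqueNames)(uniqueMember={0}))" />

          <!-- Attribute config -->
          <property name="userIdAttribute" value="uid" />
          <property name="userFirstNameAttribute" value="cn" />
          <property name="userLastNameAttribute" value="sn" />
          <property name="groupIdAttribute" value="cn" />
          <property name="groupNameAttribute" value="cn" />
        </bean>
      </list>
    </property>
  </bean>
</beans>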
1.2 LDAP Configuration XML User Test
package com.nuke.activiti.ldap;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;

import org.activiti.engine.identity.User;
import org.activiti.engine.test.ActivitiRule;
import org.junit.Rule;
import org.junit.Test;

import com.nuke.activiti.common.AbstractTest;

/**
 * Checks password validation and user lookup through the identity service of the
 * {@link ActivitiRule} created from {@code activiti.cfg.xml}.
 *
 * <p>NOTE(review): presumably needs a reachable directory that holds a user "kermit" whose
 * password is "kermit" — confirm against the test fixture.
 */
public class LDAPUserTest extends AbstractTest {

    @Rule
    public ActivitiRule activitiRule = new ActivitiRule("activiti.cfg.xml");

    /** The matching password must be accepted. */
    @Test
    public void testCheckLogin() {
        assertTrue(activitiRule.getIdentityService().checkPassword("kermit", "kermit"));
    }

    /**
     * A wrong password must be rejected.
     *
     * <p>NOTE(review): only a wrong, non-empty password is covered. An empty password is a
     * separate case worth its own test, because many directory servers treat a simple bind
     * with an empty password as an unauthenticated bind — confirm how the LDAP module
     * version in use handles it.
     */
    @Test
    public void testCheckLoginFailure() {
        assertFalse(activitiRule.getIdentityService().checkPassword("kermit", "kermit2"));
    }

    /** Looking up "kermit" by id must return exactly that user. */
    @Test
    public void findUserById() throws Exception {
        User found = activitiRule.getIdentityService()
                .createUserQuery()
                .userId("kermit")
                .singleResult();

        assertNotNull(found);
        assertEquals("kermit", found.getId());
        assertEquals("kermit", found.getLastName());
    }
}
1.3 LDAP Configuration XML Group Test
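package com.nuke.activiti.ldap;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;

import java.util.List;

import org.activiti.engine.identity.Group;
import org.activiti.engine.test.ActivitiRule;
import org.junit.Rule;
import org.junit.Test;

import com.nuke.activiti.common.AbstractTest;

/**
 * Checks group lookup by member through the identity service of the {@link ActivitiRule}
 * created from {@code activiti.cfg.xml}.
 *
 * <p>NOTE(review): presumably needs a reachable directory in which "kermit" is a member of
 * exactly three groups — confirm against the test fixture.
 */
public class LDAPGroupTest extends AbstractTest {

    @Rule
    public ActivitiRule activitiRule = new ActivitiRule("activiti.cfg.xml");

    /** The groups returned for member "kermit" must be non-null and number three. */
    @Test
    public void findGroupByMember() throws Exception {
        List<Group> groupList = activitiRule.getIdentityService()
                .createGroupQuery()
                .groupMember("kermit")
                .list();

        // Assert non-null before iterating: with the check after the loop, a null result
        // would surface as a NullPointerException instead of an assertion failure.
        assertNotNull(groupList);

        for (Group group : groupList) {
            System.out.println(group.getName());
        }

        assertEquals(3, groupList.size());
    }
}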
2.1 LDAP Configuration using Annotations
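package com.nuke.ldap;

import org.activiti.ldap.LDAPConfigurator;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;

/**
 * Java-config counterpart of the XML LDAP setup: exposes one {@link LDAPConfigurator} bean
 * carrying the connection, query and attribute settings.
 */
@Configuration
public class LDAPConfiguration {

    /**
     * Builds the LDAP configurator for the local test directory.
     *
     * @return a configurator populated with the connection, query and attribute settings below
     */
    @Bean
    public LDAPConfigurator LDAPConfig() {
        LDAPConfigurator ldapConfig = new LDAPConfigurator();

        // Server connection params.
        // The scheme is included so the value matches the XML variant of this configuration
        // (server="ldap://localhost"); the original listing passed a bare "localhost" here.
        // NOTE(review): ldap:// is unencrypted, so the bind password and any password checked
        // through the identity service travel in clear text. Acceptable against localhost;
        // for a remote directory use an ldaps:// URL or StartTLS (confirm what the LDAP
        // module version in use supports).
        ldapConfig.setServer("ldap://localhost");
        ldapConfig.setPort(10389);

        // Sample bind account for a local test directory, hard-coded in source. Outside a
        // local test, bind with a dedicated read-only account and inject the DN and password
        // from external configuration (Value and PropertySource are already imported above).
        ldapConfig.setUser("uid=admin,ou=system");
        ldapConfig.setPassword("secret");

        // Query params.
        // An empty base DN is used here; narrow it to the subtree holding users and groups
        // where possible.
        ldapConfig.setBaseDn("");
        // NOTE(review): the {n} placeholders are presumably filled with caller-supplied values
        // such as the login id. Verify that the LDAP module version in use escapes filter
        // metacharacters before substitution.
        ldapConfig.setQueryUserByUserId("(&(objectClass=inetOrgPerson)(uid={0}))");
        ldapConfig.setQueryUserByFullNameLike("(&(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))");
        ldapConfig.setQueryGroupsForUser("(&(objectClass=groupOfUniqueNames)(uniqueMember={0}))");

        // Attribute config.
        ldapConfig.setUserIdAttribute("uid");
        ldapConfig.setUserFirstNameAttribute("cn");
        ldapConfig.setUserLastNameAttribute("sn");
        ldapConfig.setGroupIdAttribute("cn");
        ldapConfig.setGroupNameAttribute("cn");

        return ldapConfig;
    }
}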
package com.nuke.config;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;

import javax.persistence.EntityManagerFactory;
import javax.sql.DataSource;

import org.activiti.engine.ProcessEngineConfiguration;
import org.activiti.engine.cfg.ProcessEngineConfigurator;
import org.activiti.engine.impl.HistoryServiceImpl;
import org.activiti.engine.impl.IdentityServiceImpl;
import org.activiti.engine.impl.ManagementServiceImpl;
import org.activiti.engine.impl.RepositoryServiceImpl;
import org.activiti.engine.impl.RuntimeServiceImpl;
import org.activiti.engine.impl.TaskServiceImpl;
import org.activiti.engine.impl.cfg.ProcessEngineConfigurationImpl;
import org.activiti.engine.impl.history.HistoryLevel;
import org.activiti.engine.test.ActivitiRule;
import org.activiti.ldap.LDAPConfigurator;
import org.activiti.spring.SpringProcessEngineConfiguration;
import org.activiti.spring.annotations.AbstractActivitiConfigurer;
import org.activiti.spring.annotations.EnableActiviti;
import org.apache.commons.dbcp.BasicDataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.orm.jpa.JpaTransactionManager;
import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
import org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;

import com.nuke.ldap.LDAPConfiguration;

/**
 * Spring Java configuration for the Activiti engine: in-memory H2 data source, JPA entity
 * manager and transaction manager, mail server settings, the engine service beans, and the
 * LDAP configurator imported from {@link LDAPConfiguration}.
 */
@Configuration
@EnableActiviti
@EnableTransactionManagement(proxyTargetClass = true)
@Import({LDAPConfiguration.class})
//@PropertySource("file:conf/lc-merged.properties")
public class ActivitConfiguration {

    /** LDAP configurator bean, handed to the engine in the configurer below. */
    @Autowired
    LDAPConfigurator ldapConfigurator;

    /**
     * In-memory H2 data source using the "sa" user with an empty password and auto-commit
     * switched off. Test fixture only.
     */
    @Bean
    public DataSource inMemoryDataSource() {
        BasicDataSource ds = new BasicDataSource();
        ds.setUsername("sa");
        ds.setUrl("jdbc:h2:mem:activiti");
        ds.setDefaultAutoCommit(false);
        ds.setDriverClassName(org.h2.Driver.class.getName());
        ds.setPassword("");
        return ds;
    }

    /**
     * JPA entity manager factory for persistence unit "nuke", scanning {@code com.nuke.model}
     * and using a Hibernate vendor adapter with DDL generation and SQL logging turned off.
     */
    @Bean
    public LocalContainerEntityManagerFactoryBean entityManagerFactoryBean(DataSource inMemoryDataSource) {
        HibernateJpaVendorAdapter vendorAdapter = new HibernateJpaVendorAdapter();
        vendorAdapter.setGenerateDdl(false);
        vendorAdapter.setShowSql(false);
        vendorAdapter.setDatabasePlatform("org.hibernate.dialect.H2Dialect");

        LocalContainerEntityManagerFactoryBean factory = new LocalContainerEntityManagerFactoryBean();
        factory.setDataSource(inMemoryDataSource);
        factory.setPackagesToScan(new String[] {"com.nuke.model"});
        factory.setPersistenceUnitName("nuke");
        factory.setJpaVendorAdapter(vendorAdapter);
        return factory;
    }

    /** JPA transaction manager bound to the entity manager factory. */
    @Bean
    public PlatformTransactionManager jpaTransactionManager(EntityManagerFactory entityManagerFactoryBean) {
        return new JpaTransactionManager(entityManagerFactoryBean);
    }

    // Mail server settings are read from property placeholders, so the mail password is not
    // hard-coded in this class.
    // NOTE(review): the @PropertySource above is commented out in this listing — confirm
    // where the LC_NUKE_MAIL_* values are resolved from.
    @Value("${LC_NUKE_MAIL_HOST}")
    private String mailHost;

    @Value("${LC_NUKE_MAIL_USERNAME}")
    private String mailUsername;

    @Value("${LC_NUKE_MAIL_PASSWORD}")
    private String mailServerPassword;

    /**
     * Configurer that post-processes the Spring process engine configuration: database and
     * JPA wiring, mail server, service beans, history level, the BPMN deployment resource,
     * the LDAP configurator and the schema update mode.
     */
    @Bean
    public AbstractActivitiConfigurer abstractActivitiConfigurer(
            final EntityManagerFactory entityManagerFactoryBean,
            final PlatformTransactionManager jpaTransactionManager) {

        return new AbstractActivitiConfigurer() {

            @Override
            public void postProcessSpringProcessEngineConfiguration(SpringProcessEngineConfiguration engineConfig) {
                // Database and JPA wiring.
                engineConfig.setDatabaseType("h2");
                engineConfig.setDataSource(inMemoryDataSource());
                engineConfig.setTransactionManager(jpaTransactionManager);
                engineConfig.setJpaEntityManagerFactory(entityManagerFactoryBean);
                engineConfig.setJpaHandleTransaction(true);
                engineConfig.setJobExecutorActivate(true);
                engineConfig.setJpaCloseEntityManager(false);

                // Outgoing mail.
                // NOTE(review): port 587 is conventionally the STARTTLS submission port;
                // confirm that enabling both the SSL and the TLS flag matches what the mail
                // server expects.
                engineConfig.setMailServerDefaultFrom("nucleus@lc.com");
                engineConfig.setMailServerHost(mailHost);
                engineConfig.setMailServerPort(587);
                engineConfig.setMailServerUsername(mailUsername);
                engineConfig.setMailServerPassword(mailServerPassword);
                engineConfig.setMailServerUseSSL(true);
                engineConfig.setMailServerUseTLS(true);

                // Engine services, taken from the bean methods of this class.
                engineConfig.setRepositoryService(repositoryService());
                engineConfig.setTaskService(taskService());
                engineConfig.setManagementService(managementService());
                engineConfig.setRuntimeService(runtimeService());
                engineConfig.setIdentityService(identityService());
                engineConfig.setHistoryService(historyService());
                engineConfig.setHistoryLevel(HistoryLevel.AUDIT);

                // Single process definition deployed from the classpath.
                Resource[] deployments = new Resource[] {
                    new ClassPathResource("diagrams/underwriting_queue.bpmn")
                };
                engineConfig.setDeploymentResources(deployments);

                // The LDAP configurator is the only configurator registered with the engine.
                List<ProcessEngineConfigurator> configurators = new ArrayList<ProcessEngineConfigurator>();
                configurators.add(ldapConfigurator);
                engineConfig.setConfigurators(configurators);

                engineConfig.setDatabaseSchemaUpdate(ProcessEngineConfiguration.DB_SCHEMA_UPDATE_TRUE);
            }
        };
    }

    @Bean
    public RepositoryServiceImpl repositoryService() {
        return new RepositoryServiceImpl();
    }

    @Bean
    public TaskServiceImpl taskService() {
        return new TaskServiceImpl();
    }

    @Bean
    public ManagementServiceImpl managementService() {
        return new ManagementServiceImpl();
    }

    @Bean
    public RuntimeServiceImpl runtimeService() {
        return new RuntimeServiceImpl();
    }

    @Bean
    public HistoryServiceImpl historyService() {
        return new HistoryServiceImpl();
    }

    @Bean
    public IdentityServiceImpl identityService() {
        return new IdentityServiceImpl();
    }

    /** JUnit rule handed the process engine configuration, for use by the Spring tests. */
    @Bean
    public ActivitiRule activityRule(ProcessEngineConfigurationImpl abstractActivitiConfigurer) {
        ActivitiRule rule = new ActivitiRule();
        rule.setProcessEngineConfiguration(abstractActivitiConfigurer);
        return rule;
    }
}
2.2 LDAP Configuration Annotations User Test
package com.nuke.activiti.ldap;

import static org.junit.Assert.*;

import org.activiti.engine.identity.User;
import org.activiti.engine.test.ActivitiRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

import com.nuke.config.ActivitConfiguration;

/**
 * Checks password validation and user lookup through the identity service of the
 * {@link ActivitiRule} injected from the {@link ActivitConfiguration} Spring context.
 *
 * <p>NOTE(review): presumably needs a reachable directory that holds a user "kermit" whose
 * password is "kermit" — confirm against the test fixture.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = ActivitConfiguration.class)
public class SpringLDAPUserTest {

    @Autowired
    @Rule
    public ActivitiRule activitiSpringRule;

    /** The matching password must be accepted. */
    @Test
    public void testCheckLogin() {
        assertTrue(activitiSpringRule.getIdentityService().checkPassword("kermit", "kermit"));
    }

    /**
     * A wrong password must be rejected.
     *
     * <p>NOTE(review): only a wrong, non-empty password is covered. An empty password is a
     * separate case worth its own test, because many directory servers treat a simple bind
     * with an empty password as an unauthenticated bind — confirm how the LDAP module
     * version in use handles it.
     */
    @Test
    public void testCheckLoginFailure() {
        assertFalse(activitiSpringRule.getIdentityService().checkPassword("kermit", "kermit2"));
    }

    /** Looking up "kermit" by id must return exactly that user. */
    @Test
    public void findUserById() throws Exception {
        User found = activitiSpringRule.getIdentityService()
                .createUserQuery()
                .userId("kermit")
                .singleResult();

        assertNotNull(found);
        assertEquals("kermit", found.getId());
        assertEquals("kermit", found.getLastName());
    }
}
2.3 LDAP Configuration Annotations Group Test
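package com.nuke.activiti.ldap;

import static org.junit.Assert.*;

import java.util.List;

import org.activiti.engine.identity.Group;
import org.activiti.engine.test.ActivitiRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

import com.nuke.config.ActivitConfiguration;

/**
 * Checks group lookup by member through the identity service of the {@link ActivitiRule}
 * injected from the {@link ActivitConfiguration} Spring context.
 *
 * <p>NOTE(review): presumably needs a reachable directory in which "kermit" is a member of
 * exactly three groups — confirm against the test fixture.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = ActivitConfiguration.class)
public class SpringLDAPGroupTest {

    @Autowired
    @Rule
    public ActivitiRule activitiSpringRule;

    /** The groups returned for member "kermit" must be non-null and number three. */
    @Test
    public void findGroupByMember() throws Exception {
        List<Group> groupList = activitiSpringRule.getIdentityService()
                .createGroupQuery()
                .groupMember("kermit")
                .list();

        // Assert non-null before iterating: with the check after the loop, a null result
        // would surface as a NullPointerException instead of an assertion failure.
        assertNotNull(groupList);

        for (Group group : groupList) {
            System.out.println(group.getName());
        }

        assertEquals(3, groupList.size());
    }
}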
Great tutorials, and how about those resources file “diagrams/underwriting_queue.bpmn” and “activiti-cfg.xml” ,even more source code can be download?
Thanks,
Yangbo
Hello Thys Michels, excuse me but i have a problem and maybe you can help me. In my corporation we have two different ldap servers, server1 and server2 and we need to authenticate against server1 and if user is not there then authenticate against server 2. I had been searching for some solution but seems that nobody has this problem. Can you give me a light about how can a solve this problem. Thanks a lot.
Hello Mr. I am looking for a way to access Active via LDAP, thank you, I have read this files (Which you wrote) but I did not know how to use these files! Can you help me to understand the way? thanks