Code Monkey home page Code Monkey logo

camunda-bpm-example-own-userdb-schema's Introduction

The Spring Boot application demonstrates how to replace in the Camunda Engine the user and group handling. User, group and membership information will not be stored in the engine, but in separate tables, and the engine is configured to use this tables through the JpaIdentityProviderPlugin. The same tables are used by Spring Security too. The database is an in-memory H2 database.

The tables are:

  • user
  • groups
  • group_authorities
  • group_members

See the schema.sql file in the resources folder. Spring Security is built up on this same tables, by registering the JpaUserDetailsService class.

We create three users and three groups:

alice - member of the admins group. charlie - member of the admins group. joe - member of the guests group.

The passwords are test. See the data.sql file in the resources folder.

The H2 Console runs at: http://localhost:8080/h2-console. Admin username is sa with no password (default).

The camunda REST interface is running on the path http://localhost:8080/rest/... (default).
Is secured with Spring Security, try eg. localhost:8080/rest/engine !

The Camunda Web Applications are accessible here: http://localhost:8080

Or: http://localhost:8080/app/welcome/default/#/login http://localhost:8080/app/admin/default/#/login http://localhost:8080/app/tasklist/default/#/login http://localhost:8080/app/cockpit/default/#/login.

The admin group name in Camunda is set to admins. (with the AdministratorAuthorizationPlugin). So try to login with alice (password: test) first! And and evtl. give permissons to charlie and joe. :) (Or set camunda.bpm.authorization.enabled: false in the application.yaml for the Camunda Web Applications).

The application deploys a process named SimpleProcess too. It can be started from a html page http://localhost:8080/start-process.html over the REST interface, the page is secured too.

Remarks:

  • The JpaIdentityProviderPlugin was built after the LDAP plugin. Only the LDAP access was replaced by JPA access.
  • This should not be a common scenario for an embedded engine i think. Yo can restrict the access to the REST interface through Spring Security, and can use the Java interface in the Java program. You can set the assignee property for tasks. The Camunda Web Application could be used only by some separate users, who can be stored in the camunda tables separate from the business users. When is authorization required.

camunda-bpm-example-own-userdb-schema's People

Contributors

palossyl avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.