LDAP in Bonita Community


In an old version of Bonita I used authentication with Active Directory by creating a new class (SimpleLdapAuth.class).

But in version 6 I can't do this (the package changed: org.ow2.bonita.services.AuthenticationService).

Can you help me find where I can get authentication with Active Directory in Bonita Community v6.1?

Thanks

Comments

Submitted by rafael.vianna on Mon, 11/25/2013 - 17:19

Hi,

I might be wrong but as far as I've read, LDAP is no longer available in the Community edition.

3 answers


Here is a little bit of clarification.

First, in Bonita version 6, LDAP involves different topics:

  • Authenticate a user against a LDAP server
  • Create LDAP users in Bonita Engine DB
  • Assign tasks to users based on information available in LDAP server

The first thing to know is that it's mandatory to have users in Bonita Engine DB. All task assignment (even if it relies on LDAP info) will use the user id (an integer) stored in Bonita Engine DB. It will not use the username, as you can find it in both the LDAP server and Bonita Engine DB. To synchronize users between the LDAP server and Bonita Engine DB you can use the Subscription versions tool: LDAP synchronizer. If you are running the Community version you will need to build your own tool using the Engine API.

For the authentication part, you need to configure the Engine to use the LDAP server to check user credentials (user name and password). For Subscription versions this is explained in the documentation. If you are using Community you will need to implement your own Bonita Engine authentication service.

Last, in order to assign a task to a user, you can map the "actor" declared in the process definition to your company organization (group / role) as stored in Bonita Engine DB. Or you can use a filter that will run once and generate a list of user ids. Your filter might directly call the LDAP server to find out which users should perform the task (i.e. get a list of usernames) and then should call the Bonita Engine API in order to convert each username to a Bonita user id. Note that it's mandatory to have users in Bonita Engine DB.
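The credential check that a custom authentication service would delegate to, as an added example that is not part of the original answer and not Bonita's own code: a JNDI simple bind against Active Directory. The class name LdapBindCheck, the server URL and the UPN suffix are assumptions, and the Bonita service interface itself is not shown.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

/** Hypothetical helper: verifies a password by binding to Active Directory as that user. */
public class LdapBindCheck {
    // Constructed placeholders; replace with your directory's values.
    private static final String LDAP_URL = "ldaps://dc.example.com:636";
    private static final String UPN_SUFFIX = "@example.com";

    /** Accepts plain account names only, so user input cannot alter the bind identity. */
    static boolean isSafeUsername(String username) {
        return username != null && username.matches("[A-Za-z0-9._-]{1,64}");
    }

    /** Returns true only if the directory accepts a simple bind with these credentials. */
    public static boolean checkUserCredentials(String username, String password) {
        // A simple bind with an empty password is an "unauthenticated bind" (RFC 4513)
        // that many servers report as successful, so reject it before any network call.
        if (!isSafeUsername(username) || password == null || password.isEmpty()) {
            return false;
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, LDAP_URL); // ldaps: the password is sent over TLS
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, username + UPN_SUFFIX);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // milliseconds
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env); // the constructor performs the bind
            return true;
        } catch (NamingException e) {
            // Wrong password, unknown account or unreachable directory: fail closed.
            return false;
        } finally {
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }

    public static void main(String[] args) {
        System.out.println(checkUserCredentials("walter.bates", "")); // constructed input
    }
}
```

A check that returns a constant true, like the test stub mentioned in the comments further down, accepts any password.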


Hi,

You can implement the identityService and change cfg-bonita-identity-impl.xml to use your implementation. You must copy the jar that contains the .class to the server classpath.

Comments

Submitted by eduardo.gonzalez_1 on Fri, 08/01/2014 - 12:18

I am trying to implement the GenericAuthenticationService (cfg-bonita-authentication-impl) following your indications, but when I log in to Bonita it crashes. The only code I have is a true in the return of the method checkUserCredentials.

The console shows:

Node not started. Method 'org.bonitasoft.engine.api.LoginAPI.login' cannot be called until node has been started (PlatformAPI.startNode())
Node not started. Method 'org.bonitasoft.engine.api.LoginAPI.login' cannot be called until node has been started (PlatformAPI.startNode())

Submitted by eduardo.gonzalez_1 on Mon, 08/04/2014 - 13:24

I have solved this problem, but now I am implementing the identityService. I must return a SUser in some methods, and I am not able to instantiate it or set most of the attributes, only id and tenant id.

Is there any way to do it?

Edit: The implementation is SUserImpl

Submitted by rdiegoc on Fri, 09/05/2014 - 22:33

The implementation class SUserImpl has setter methods and a public constructor: https://github.com/bonitasoft/bonita-engine/blob/8bb3c867700325c75b605d6...

You can instantiate it and set attributes.


Hi,

The actor module in v6 has been improved. We are in the process of migrating the old actor mapper to v6. In the meantime you can create an actor filter and copy the logic of retrieving LDAP users from the v5 actor mapping.

LDAP is available in the Community edition with actor filters. They can be created easily.

Cheers

Comments

Submitted by eduardo.gonzalez_1 on Fri, 08/01/2014 - 12:21

"LDAP is available in community edition with actor filters. They can be created easily."

I don't understand this at all. Could you explain it a little bit?

Thanks!

Submitted by yamandu.costa on Tue, 10/21/2014 - 14:43

I am also implementing this but it can't find my class. How can I put it in the classpath? I am trying it with the JBoss bundle. I already tried to insert it in the classpath via run.sh but it didn't work.

Submitted by antoine.mottier on Tue, 10/21/2014 - 18:06

Note that actor filters based on LDAP server information are not available out of the box in the Community version. Still, it should be easy to create them if you read the Oracle LDAP tutorial and the Bonita documentation about creating an actor filter.