关闭

Activiti工作流访问路径资源注册和管理

147人阅读 评论(0) 收藏 举报
分类:


        在activiti中每一个用户属于一个用户组,不同的用户拥有不同的权限,不同的权限可以有不同的操作,因此请求的资源路径和登录的安全验证相当的重要。需要添加相关的验证。

       原理实现REST的org.restlet.Application接口实现,实现REST访问方式唯一的入口点,同时添加相关的权限验证。然后再web.xml配置即可。

 

web.xml配置如下:
<?xml version="1.0" encoding="UTF-8"?> 

<web-app id="WebApp_ID" version="2.4" 

            xmlns="http://java.sun.com/xml/ns/j2ee" 

            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 

            xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 

                 http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"

 

  <display-name>Activiti REST</display-name>

  

  <listener>

    <listener-class>org.activiti.rest.servlet.ActivitiServletContextListener</listener-class>

  </listener>

 

  <!-- Restlet adapter --> 

  <servlet> 

    <servlet-name>RestletServlet</servlet-name> 

    <servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class>

    <init-param>

      <!-- Application class name -->

      <param-name>org.restlet.application</param-name>

      <param-value>org.activiti.rest.application.ActivitiRestApplication</param-value>

    </init-param>

  </servlet>

 

  <!-- Catch all requests --> 

  <servlet-mapping> 

    <servlet-name>RestletServlet</servlet-name> 

    <url-pattern>/service/*</url-pattern> 

  </servlet-mapping> 

</web-app>

 

 

 

 

代码如下:

package org.activiti.rest.application;

 

import org.activiti.rest.api.ActivitiUtil;

import org.activiti.rest.api.DefaultResource;

import org.activiti.rest.api.engine.ProcessEngineResource;

import org.activiti.rest.api.identity.GroupResource;

import org.activiti.rest.api.identity.GroupUsersResource;

import org.activiti.rest.api.identity.LoginResource;

import org.activiti.rest.api.identity.UserGroupsResource;

import org.activiti.rest.api.identity.UserPictureResource;

import org.activiti.rest.api.identity.UserResource;

import org.activiti.rest.api.identity.UserSearchResource;

import org.activiti.rest.api.management.JobExecuteResource;

import org.activiti.rest.api.management.JobResource;

import org.activiti.rest.api.management.JobsExecuteResource;

import org.activiti.rest.api.management.JobsResource;

import org.activiti.rest.api.management.TableDataResource;

import org.activiti.rest.api.management.TableResource;

import org.activiti.rest.api.management.TablesResource;

import org.activiti.rest.api.process.ProcessDefinitionFormResource;

import org.activiti.rest.api.process.ProcessDefinitionPropertiesResource;

import org.activiti.rest.api.process.ProcessDefinitionsResource;

import org.activiti.rest.api.process.ProcessInstanceDiagramResource;

import org.activiti.rest.api.process.ProcessInstanceResource;

import org.activiti.rest.api.process.ProcessInstancesResource;

import org.activiti.rest.api.process.StartProcessInstanceResource;

import org.activiti.rest.api.repository.DeploymentDeleteResource;

import org.activiti.rest.api.repository.DeploymentUploadResource;

import org.activiti.rest.api.repository.DeploymentsDeleteResource;

import org.activiti.rest.api.repository.DeploymentsResource;

import org.activiti.rest.api.task.TaskAddResource;

import org.activiti.rest.api.task.TaskAttachmentAddResource;

import org.activiti.rest.api.task.TaskAttachmentResource;

import org.activiti.rest.api.task.TaskFormResource;

import org.activiti.rest.api.task.TaskOperationResource;

import org.activiti.rest.api.task.TaskPropertiesResource;

import org.activiti.rest.api.task.TaskResource;

import org.activiti.rest.api.task.TaskUrlAddResource;

import org.activiti.rest.api.task.TasksResource;

import org.activiti.rest.api.task.TasksSummaryResource;

import org.restlet.Application;

import org.restlet.Request;

import org.restlet.Response;

import org.restlet.Restlet;

import org.restlet.data.ChallengeScheme;

import org.restlet.routing.Router;

import org.restlet.security.ChallengeAuthenticator;

import org.restlet.security.SecretVerifier;

import org.restlet.security.Verifier;

 

/**

 * @author Tijs Rademakers

 */

public class ActivitiRestApplication extends Application {

 

  private ChallengeAuthenticator authenticator;

 

  /**

   * Creates a root Restlet that will receive all incoming calls.

   */

  @Override

  public synchronized Restlet createInboundRoot() {

    Verifier verifier = new SecretVerifier() {

 

      @Override

      public boolean verify(String username, char[] password) throws IllegalArgumentException {

        boolean verified = ActivitiUtil.getIdentityService().checkPassword(username, new String(password));

        return verified;

      }

    };

    authenticator = new ChallengeAuthenticator(nulltrue, ChallengeScheme.HTTP_BASIC,

          "Activiti Realm") {

     

      @Override

      protected boolean authenticate(Request request, Response response) {

        if (request.getChallengeResponse() == null) {

          return false;

        } else {

          return super.authenticate(request, response);

        }

      }

    };

    authenticator.setVerifier(verifier);

   

    Router router = new Router(getContext());

 

    router.attachDefault(DefaultResource.class);

   

    router.attach("/process-engine", ProcessEngineResource.class);

   

    router.attach("/login", LoginResource.class);

   

    router.attach("/user/{userId}", UserResource.class);

    router.attach("/user/{userId}/groups", UserGroupsResource.class);

    router.attach("/user/{userId}/picture", UserPictureResource.class);

    router.attach("/users/{searchText}", UserSearchResource.class);

   

    router.attach("/group/{groupId}", GroupResource.class);

    router.attach("/groups/{groupId}/users", GroupUsersResource.class);

   

    router.attach("/process-definitions", ProcessDefinitionsResource.class);

    router.attach("/process-instances", ProcessInstancesResource.class);

    router.attach("/process-instance", StartProcessInstanceResource.class);

    router.attach("/processInstance/{processInstanceId}", ProcessInstanceResource.class);

    router.attach("/processInstance/{processInstanceId}/diagram", ProcessInstanceDiagramResource.class);

    router.attach("/process-definition/{processDefinitionId}/form", ProcessDefinitionFormResource.class);

    router.attach("/process-definition/{processDefinitionId}/properties", ProcessDefinitionPropertiesResource.class);

   

    router.attach("/tasks", TasksResource.class);

    router.attach("/tasks-summary", TasksSummaryResource.class);

    router.attach("/task", TaskAddResource.class);

    router.attach("/task/{taskId}", TaskResource.class);

    router.attach("/task/{taskId}/form", TaskFormResource.class);

    router.attach("/task/{taskId}/attachment", TaskAttachmentAddResource.class);

    router.attach("/task/{taskId}/url", TaskUrlAddResource.class);

    router.attach("/task/{taskId}/{operation}", TaskOperationResource.class);

   

    router.attach("/attachment/{attachmentId}", TaskAttachmentResource.class);

   

    router.attach("/form/{taskId}/properties", TaskPropertiesResource.class);

   

    router.attach("/deployments", DeploymentsResource.class);

    router.attach("/deployment", DeploymentUploadResource.class);

    router.attach("/deployments/delete", DeploymentsDeleteResource.class);

    router.attach("/deployment/{deploymentId}", DeploymentDeleteResource.class);

   

    router.attach("/management/jobs", JobsResource.class);

    router.attach("/management/job/{jobId}", JobResource.class);

    router.attach("/management/job/{jobId}/execute", JobExecuteResource.class);

    router.attach("/management/jobs/execute", JobsExecuteResource.class);

   

    router.attach("/management/tables", TablesResource.class);

    router.attach("/management/table/{tableName}", TableResource.class);

    router.attach("/management/table/{tableName}/data", TableDataResource.class);

   

    authenticator.setNext(router);

   

    return authenticator;

  }

 

  public String authenticate(Request request, Response response) {

    if (!request.getClientInfo().isAuthenticated()) {

      authenticator.challenge(response, false);

      return null;

    }

    return request.getClientInfo().getUser().getIdentifier();

  }

}

        在activiti中每一个用户属于一个用户组,不同的用户拥有不同的权限,不同的权限可以有不同的操作,因此请求的资源路径和登录的安全验证相当的重要。需要添加相关的验证。

       原理实现REST的org.restlet.Application接口实现,实现REST访问方式唯一的入口点,同时添加相关的权限验证。然后再web.xml配置即可。

 

web.xml配置如下:
<?xml version="1.0" encoding="UTF-8"?> 

<web-app id="WebApp_ID" version="2.4" 

            xmlns="http://java.sun.com/xml/ns/j2ee" 

            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 

            xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 

                 http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"

 

  <display-name>Activiti REST</display-name>

  

  <listener>

    <listener-class>org.activiti.rest.servlet.ActivitiServletContextListener</listener-class>

  </listener>

 

  <!-- Restlet adapter --> 

  <servlet> 

    <servlet-name>RestletServlet</servlet-name> 

    <servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class>

    <init-param>

      <!-- Application class name -->

      <param-name>org.restlet.application</param-name>

      <param-value>org.activiti.rest.application.ActivitiRestApplication</param-value>

    </init-param>

  </servlet>

 

  <!-- Catch all requests --> 

  <servlet-mapping> 

    <servlet-name>RestletServlet</servlet-name> 

    <url-pattern>/service/*</url-pattern> 

  </servlet-mapping> 

</web-app>

 

 

 

 

代码如下:

package org.activiti.rest.application;

 

import org.activiti.rest.api.ActivitiUtil;

import org.activiti.rest.api.DefaultResource;

import org.activiti.rest.api.engine.ProcessEngineResource;

import org.activiti.rest.api.identity.GroupResource;

import org.activiti.rest.api.identity.GroupUsersResource;

import org.activiti.rest.api.identity.LoginResource;

import org.activiti.rest.api.identity.UserGroupsResource;

import org.activiti.rest.api.identity.UserPictureResource;

import org.activiti.rest.api.identity.UserResource;

import org.activiti.rest.api.identity.UserSearchResource;

import org.activiti.rest.api.management.JobExecuteResource;

import org.activiti.rest.api.management.JobResource;

import org.activiti.rest.api.management.JobsExecuteResource;

import org.activiti.rest.api.management.JobsResource;

import org.activiti.rest.api.management.TableDataResource;

import org.activiti.rest.api.management.TableResource;

import org.activiti.rest.api.management.TablesResource;

import org.activiti.rest.api.process.ProcessDefinitionFormResource;

import org.activiti.rest.api.process.ProcessDefinitionPropertiesResource;

import org.activiti.rest.api.process.ProcessDefinitionsResource;

import org.activiti.rest.api.process.ProcessInstanceDiagramResource;

import org.activiti.rest.api.process.ProcessInstanceResource;

import org.activiti.rest.api.process.ProcessInstancesResource;

import org.activiti.rest.api.process.StartProcessInstanceResource;

import org.activiti.rest.api.repository.DeploymentDeleteResource;

import org.activiti.rest.api.repository.DeploymentUploadResource;

import org.activiti.rest.api.repository.DeploymentsDeleteResource;

import org.activiti.rest.api.repository.DeploymentsResource;

import org.activiti.rest.api.task.TaskAddResource;

import org.activiti.rest.api.task.TaskAttachmentAddResource;

import org.activiti.rest.api.task.TaskAttachmentResource;

import org.activiti.rest.api.task.TaskFormResource;

import org.activiti.rest.api.task.TaskOperationResource;

import org.activiti.rest.api.task.TaskPropertiesResource;

import org.activiti.rest.api.task.TaskResource;

import org.activiti.rest.api.task.TaskUrlAddResource;

import org.activiti.rest.api.task.TasksResource;

import org.activiti.rest.api.task.TasksSummaryResource;

import org.restlet.Application;

import org.restlet.Request;

import org.restlet.Response;

import org.restlet.Restlet;

import org.restlet.data.ChallengeScheme;

import org.restlet.routing.Router;

import org.restlet.security.ChallengeAuthenticator;

import org.restlet.security.SecretVerifier;

import org.restlet.security.Verifier;

 

/**

 * @author Tijs Rademakers

 */

public class ActivitiRestApplication extends Application {

 

  private ChallengeAuthenticator authenticator;

 

  /**

   * Creates a root Restlet that will receive all incoming calls.

   */

  @Override

  public synchronized Restlet createInboundRoot() {

    Verifier verifier = new SecretVerifier() {

 

      @Override

      public boolean verify(String username, char[] password) throws IllegalArgumentException {

        boolean verified = ActivitiUtil.getIdentityService().checkPassword(username, new String(password));

        return verified;

      }

    };

    authenticator = new ChallengeAuthenticator(nulltrue, ChallengeScheme.HTTP_BASIC,

          "Activiti Realm") {

     

      @Override

      protected boolean authenticate(Request request, Response response) {

        if (request.getChallengeResponse() == null) {

          return false;

        } else {

          return super.authenticate(request, response);

        }

      }

    };

    authenticator.setVerifier(verifier);

   

    Router router = new Router(getContext());

 

    router.attachDefault(DefaultResource.class);

   

    router.attach("/process-engine", ProcessEngineResource.class);

   

    router.attach("/login", LoginResource.class);

   

    router.attach("/user/{userId}", UserResource.class);

    router.attach("/user/{userId}/groups", UserGroupsResource.class);

    router.attach("/user/{userId}/picture", UserPictureResource.class);

    router.attach("/users/{searchText}", UserSearchResource.class);

   

    router.attach("/group/{groupId}", GroupResource.class);

    router.attach("/groups/{groupId}/users", GroupUsersResource.class);

   

    router.attach("/process-definitions", ProcessDefinitionsResource.class);

    router.attach("/process-instances", ProcessInstancesResource.class);

    router.attach("/process-instance", StartProcessInstanceResource.class);

    router.attach("/processInstance/{processInstanceId}", ProcessInstanceResource.class);

    router.attach("/processInstance/{processInstanceId}/diagram", ProcessInstanceDiagramResource.class);

    router.attach("/process-definition/{processDefinitionId}/form", ProcessDefinitionFormResource.class);

    router.attach("/process-definition/{processDefinitionId}/properties", ProcessDefinitionPropertiesResource.class);

   

    router.attach("/tasks", TasksResource.class);

    router.attach("/tasks-summary", TasksSummaryResource.class);

    router.attach("/task", TaskAddResource.class);

    router.attach("/task/{taskId}", TaskResource.class);

    router.attach("/task/{taskId}/form", TaskFormResource.class);

    router.attach("/task/{taskId}/attachment", TaskAttachmentAddResource.class);

    router.attach("/task/{taskId}/url", TaskUrlAddResource.class);

    router.attach("/task/{taskId}/{operation}", TaskOperationResource.class);

   

    router.attach("/attachment/{attachmentId}", TaskAttachmentResource.class);

   

    router.attach("/form/{taskId}/properties", TaskPropertiesResource.class);

   

    router.attach("/deployments", DeploymentsResource.class);

    router.attach("/deployment", DeploymentUploadResource.class);

    router.attach("/deployments/delete", DeploymentsDeleteResource.class);

    router.attach("/deployment/{deploymentId}", DeploymentDeleteResource.class);

   

    router.attach("/management/jobs", JobsResource.class);

    router.attach("/management/job/{jobId}", JobResource.class);

    router.attach("/management/job/{jobId}/execute", JobExecuteResource.class);

    router.attach("/management/jobs/execute", JobsExecuteResource.class);

   

    router.attach("/management/tables", TablesResource.class);

    router.attach("/management/table/{tableName}", TableResource.class);

    router.attach("/management/table/{tableName}/data", TableDataResource.class);

   

    authenticator.setNext(router);

   

    return authenticator;

  }

 

  public String authenticate(Request request, Response response) {

    if (!request.getClientInfo().isAuthenticated()) {

      authenticator.challenge(response, false);

      return null;

    }

    return request.getClientInfo().getUser().getIdentifier();

  }

}

0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:15982次
    • 积分:637
    • 等级:
    • 排名:千里之外
    • 原创:38篇
    • 转载:75篇
    • 译文:0篇
    • 评论:0条
    文章分类