关闭

Activiti工作流访问路径资源注册和管理

334人阅读 评论(0) 收藏 举报
分类:


        在activiti中每一个用户属于一个用户组,不同的用户拥有不同的权限,不同的权限可以有不同的操作,因此请求的资源路径和登录的安全验证相当的重要。需要添加相关的验证。

       原理实现REST的org.restlet.Application接口实现,实现REST访问方式唯一的入口点,同时添加相关的权限验证。然后再web.xml配置即可。

 

web.xml配置如下:
<?xml version="1.0" encoding="UTF-8"?> 

<web-app id="WebApp_ID" version="2.4" 

            xmlns="http://java.sun.com/xml/ns/j2ee" 

            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 

            xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 

                 http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"

 

  <display-name>Activiti REST</display-name>

  

  <listener>

    <listener-class>org.activiti.rest.servlet.ActivitiServletContextListener</listener-class>

  </listener>

 

  <!-- Restlet adapter --> 

  <servlet> 

    <servlet-name>RestletServlet</servlet-name> 

    <servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class>

    <init-param>

      <!-- Application class name -->

      <param-name>org.restlet.application</param-name>

      <param-value>org.activiti.rest.application.ActivitiRestApplication</param-value>

    </init-param>

  </servlet>

 

  <!-- Catch all requests --> 

  <servlet-mapping> 

    <servlet-name>RestletServlet</servlet-name> 

    <url-pattern>/service/*</url-pattern> 

  </servlet-mapping> 

</web-app>

 

 

 

 

代码如下:

package org.activiti.rest.application;

 

import org.activiti.rest.api.ActivitiUtil;

import org.activiti.rest.api.DefaultResource;

import org.activiti.rest.api.engine.ProcessEngineResource;

import org.activiti.rest.api.identity.GroupResource;

import org.activiti.rest.api.identity.GroupUsersResource;

import org.activiti.rest.api.identity.LoginResource;

import org.activiti.rest.api.identity.UserGroupsResource;

import org.activiti.rest.api.identity.UserPictureResource;

import org.activiti.rest.api.identity.UserResource;

import org.activiti.rest.api.identity.UserSearchResource;

import org.activiti.rest.api.management.JobExecuteResource;

import org.activiti.rest.api.management.JobResource;

import org.activiti.rest.api.management.JobsExecuteResource;

import org.activiti.rest.api.management.JobsResource;

import org.activiti.rest.api.management.TableDataResource;

import org.activiti.rest.api.management.TableResource;

import org.activiti.rest.api.management.TablesResource;

import org.activiti.rest.api.process.ProcessDefinitionFormResource;

import org.activiti.rest.api.process.ProcessDefinitionPropertiesResource;

import org.activiti.rest.api.process.ProcessDefinitionsResource;

import org.activiti.rest.api.process.ProcessInstanceDiagramResource;

import org.activiti.rest.api.process.ProcessInstanceResource;

import org.activiti.rest.api.process.ProcessInstancesResource;

import org.activiti.rest.api.process.StartProcessInstanceResource;

import org.activiti.rest.api.repository.DeploymentDeleteResource;

import org.activiti.rest.api.repository.DeploymentUploadResource;

import org.activiti.rest.api.repository.DeploymentsDeleteResource;

import org.activiti.rest.api.repository.DeploymentsResource;

import org.activiti.rest.api.task.TaskAddResource;

import org.activiti.rest.api.task.TaskAttachmentAddResource;

import org.activiti.rest.api.task.TaskAttachmentResource;

import org.activiti.rest.api.task.TaskFormResource;

import org.activiti.rest.api.task.TaskOperationResource;

import org.activiti.rest.api.task.TaskPropertiesResource;

import org.activiti.rest.api.task.TaskResource;

import org.activiti.rest.api.task.TaskUrlAddResource;

import org.activiti.rest.api.task.TasksResource;

import org.activiti.rest.api.task.TasksSummaryResource;

import org.restlet.Application;

import org.restlet.Request;

import org.restlet.Response;

import org.restlet.Restlet;

import org.restlet.data.ChallengeScheme;

import org.restlet.routing.Router;

import org.restlet.security.ChallengeAuthenticator;

import org.restlet.security.SecretVerifier;

import org.restlet.security.Verifier;

 

/**

 * @author Tijs Rademakers

 */

public class ActivitiRestApplication extends Application {

 

  private ChallengeAuthenticator authenticator;

 

  /**

   * Creates a root Restlet that will receive all incoming calls.

   */

  @Override

  public synchronized Restlet createInboundRoot() {

    Verifier verifier = new SecretVerifier() {

 

      @Override

      public boolean verify(String username, char[] password) throws IllegalArgumentException {

        boolean verified = ActivitiUtil.getIdentityService().checkPassword(username, new String(password));

        return verified;

      }

    };

    authenticator = new ChallengeAuthenticator(nulltrue, ChallengeScheme.HTTP_BASIC,

          "Activiti Realm") {

     

      @Override

      protected boolean authenticate(Request request, Response response) {

        if (request.getChallengeResponse() == null) {

          return false;

        } else {

          return super.authenticate(request, response);

        }

      }

    };

    authenticator.setVerifier(verifier);

   

    Router router = new Router(getContext());

 

    router.attachDefault(DefaultResource.class);

   

    router.attach("/process-engine", ProcessEngineResource.class);

   

    router.attach("/login", LoginResource.class);

   

    router.attach("/user/{userId}", UserResource.class);

    router.attach("/user/{userId}/groups", UserGroupsResource.class);

    router.attach("/user/{userId}/picture", UserPictureResource.class);

    router.attach("/users/{searchText}", UserSearchResource.class);

   

    router.attach("/group/{groupId}", GroupResource.class);

    router.attach("/groups/{groupId}/users", GroupUsersResource.class);

   

    router.attach("/process-definitions", ProcessDefinitionsResource.class);

    router.attach("/process-instances", ProcessInstancesResource.class);

    router.attach("/process-instance", StartProcessInstanceResource.class);

    router.attach("/processInstance/{processInstanceId}", ProcessInstanceResource.class);

    router.attach("/processInstance/{processInstanceId}/diagram", ProcessInstanceDiagramResource.class);

    router.attach("/process-definition/{processDefinitionId}/form", ProcessDefinitionFormResource.class);

    router.attach("/process-definition/{processDefinitionId}/properties", ProcessDefinitionPropertiesResource.class);

   

    router.attach("/tasks", TasksResource.class);

    router.attach("/tasks-summary", TasksSummaryResource.class);

    router.attach("/task", TaskAddResource.class);

    router.attach("/task/{taskId}", TaskResource.class);

    router.attach("/task/{taskId}/form", TaskFormResource.class);

    router.attach("/task/{taskId}/attachment", TaskAttachmentAddResource.class);

    router.attach("/task/{taskId}/url", TaskUrlAddResource.class);

    router.attach("/task/{taskId}/{operation}", TaskOperationResource.class);

   

    router.attach("/attachment/{attachmentId}", TaskAttachmentResource.class);

   

    router.attach("/form/{taskId}/properties", TaskPropertiesResource.class);

   

    router.attach("/deployments", DeploymentsResource.class);

    router.attach("/deployment", DeploymentUploadResource.class);

    router.attach("/deployments/delete", DeploymentsDeleteResource.class);

    router.attach("/deployment/{deploymentId}", DeploymentDeleteResource.class);

   

    router.attach("/management/jobs", JobsResource.class);

    router.attach("/management/job/{jobId}", JobResource.class);

    router.attach("/management/job/{jobId}/execute", JobExecuteResource.class);

    router.attach("/management/jobs/execute", JobsExecuteResource.class);

   

    router.attach("/management/tables", TablesResource.class);

    router.attach("/management/table/{tableName}", TableResource.class);

    router.attach("/management/table/{tableName}/data", TableDataResource.class);

   

    authenticator.setNext(router);

   

    return authenticator;

  }

 

  public String authenticate(Request request, Response response) {

    if (!request.getClientInfo().isAuthenticated()) {

      authenticator.challenge(response, false);

      return null;

    }

    return request.getClientInfo().getUser().getIdentifier();

  }

}

        在activiti中每一个用户属于一个用户组,不同的用户拥有不同的权限,不同的权限可以有不同的操作,因此请求的资源路径和登录的安全验证相当的重要。需要添加相关的验证。

       原理实现REST的org.restlet.Application接口实现,实现REST访问方式唯一的入口点,同时添加相关的权限验证。然后再web.xml配置即可。

 

web.xml配置如下:
<?xml version="1.0" encoding="UTF-8"?> 

<web-app id="WebApp_ID" version="2.4" 

            xmlns="http://java.sun.com/xml/ns/j2ee" 

            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 

            xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 

                 http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"

 

  <display-name>Activiti REST</display-name>

  

  <listener>

    <listener-class>org.activiti.rest.servlet.ActivitiServletContextListener</listener-class>

  </listener>

 

  <!-- Restlet adapter --> 

  <servlet> 

    <servlet-name>RestletServlet</servlet-name> 

    <servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class>

    <init-param>

      <!-- Application class name -->

      <param-name>org.restlet.application</param-name>

      <param-value>org.activiti.rest.application.ActivitiRestApplication</param-value>

    </init-param>

  </servlet>

 

  <!-- Catch all requests --> 

  <servlet-mapping> 

    <servlet-name>RestletServlet</servlet-name> 

    <url-pattern>/service/*</url-pattern> 

  </servlet-mapping> 

</web-app>

 

 

 

 

代码如下:

package org.activiti.rest.application;

 

import org.activiti.rest.api.ActivitiUtil;

import org.activiti.rest.api.DefaultResource;

import org.activiti.rest.api.engine.ProcessEngineResource;

import org.activiti.rest.api.identity.GroupResource;

import org.activiti.rest.api.identity.GroupUsersResource;

import org.activiti.rest.api.identity.LoginResource;

import org.activiti.rest.api.identity.UserGroupsResource;

import org.activiti.rest.api.identity.UserPictureResource;

import org.activiti.rest.api.identity.UserResource;

import org.activiti.rest.api.identity.UserSearchResource;

import org.activiti.rest.api.management.JobExecuteResource;

import org.activiti.rest.api.management.JobResource;

import org.activiti.rest.api.management.JobsExecuteResource;

import org.activiti.rest.api.management.JobsResource;

import org.activiti.rest.api.management.TableDataResource;

import org.activiti.rest.api.management.TableResource;

import org.activiti.rest.api.management.TablesResource;

import org.activiti.rest.api.process.ProcessDefinitionFormResource;

import org.activiti.rest.api.process.ProcessDefinitionPropertiesResource;

import org.activiti.rest.api.process.ProcessDefinitionsResource;

import org.activiti.rest.api.process.ProcessInstanceDiagramResource;

import org.activiti.rest.api.process.ProcessInstanceResource;

import org.activiti.rest.api.process.ProcessInstancesResource;

import org.activiti.rest.api.process.StartProcessInstanceResource;

import org.activiti.rest.api.repository.DeploymentDeleteResource;

import org.activiti.rest.api.repository.DeploymentUploadResource;

import org.activiti.rest.api.repository.DeploymentsDeleteResource;

import org.activiti.rest.api.repository.DeploymentsResource;

import org.activiti.rest.api.task.TaskAddResource;

import org.activiti.rest.api.task.TaskAttachmentAddResource;

import org.activiti.rest.api.task.TaskAttachmentResource;

import org.activiti.rest.api.task.TaskFormResource;

import org.activiti.rest.api.task.TaskOperationResource;

import org.activiti.rest.api.task.TaskPropertiesResource;

import org.activiti.rest.api.task.TaskResource;

import org.activiti.rest.api.task.TaskUrlAddResource;

import org.activiti.rest.api.task.TasksResource;

import org.activiti.rest.api.task.TasksSummaryResource;

import org.restlet.Application;

import org.restlet.Request;

import org.restlet.Response;

import org.restlet.Restlet;

import org.restlet.data.ChallengeScheme;

import org.restlet.routing.Router;

import org.restlet.security.ChallengeAuthenticator;

import org.restlet.security.SecretVerifier;

import org.restlet.security.Verifier;

 

/**

 * @author Tijs Rademakers

 */

public class ActivitiRestApplication extends Application {

 

  private ChallengeAuthenticator authenticator;

 

  /**

   * Creates a root Restlet that will receive all incoming calls.

   */

  @Override

  public synchronized Restlet createInboundRoot() {

    Verifier verifier = new SecretVerifier() {

 

      @Override

      public boolean verify(String username, char[] password) throws IllegalArgumentException {

        boolean verified = ActivitiUtil.getIdentityService().checkPassword(username, new String(password));

        return verified;

      }

    };

    authenticator = new ChallengeAuthenticator(nulltrue, ChallengeScheme.HTTP_BASIC,

          "Activiti Realm") {

     

      @Override

      protected boolean authenticate(Request request, Response response) {

        if (request.getChallengeResponse() == null) {

          return false;

        } else {

          return super.authenticate(request, response);

        }

      }

    };

    authenticator.setVerifier(verifier);

   

    Router router = new Router(getContext());

 

    router.attachDefault(DefaultResource.class);

   

    router.attach("/process-engine", ProcessEngineResource.class);

   

    router.attach("/login", LoginResource.class);

   

    router.attach("/user/{userId}", UserResource.class);

    router.attach("/user/{userId}/groups", UserGroupsResource.class);

    router.attach("/user/{userId}/picture", UserPictureResource.class);

    router.attach("/users/{searchText}", UserSearchResource.class);

   

    router.attach("/group/{groupId}", GroupResource.class);

    router.attach("/groups/{groupId}/users", GroupUsersResource.class);

   

    router.attach("/process-definitions", ProcessDefinitionsResource.class);

    router.attach("/process-instances", ProcessInstancesResource.class);

    router.attach("/process-instance", StartProcessInstanceResource.class);

    router.attach("/processInstance/{processInstanceId}", ProcessInstanceResource.class);

    router.attach("/processInstance/{processInstanceId}/diagram", ProcessInstanceDiagramResource.class);

    router.attach("/process-definition/{processDefinitionId}/form", ProcessDefinitionFormResource.class);

    router.attach("/process-definition/{processDefinitionId}/properties", ProcessDefinitionPropertiesResource.class);

   

    router.attach("/tasks", TasksResource.class);

    router.attach("/tasks-summary", TasksSummaryResource.class);

    router.attach("/task", TaskAddResource.class);

    router.attach("/task/{taskId}", TaskResource.class);

    router.attach("/task/{taskId}/form", TaskFormResource.class);

    router.attach("/task/{taskId}/attachment", TaskAttachmentAddResource.class);

    router.attach("/task/{taskId}/url", TaskUrlAddResource.class);

    router.attach("/task/{taskId}/{operation}", TaskOperationResource.class);

   

    router.attach("/attachment/{attachmentId}", TaskAttachmentResource.class);

   

    router.attach("/form/{taskId}/properties", TaskPropertiesResource.class);

   

    router.attach("/deployments", DeploymentsResource.class);

    router.attach("/deployment", DeploymentUploadResource.class);

    router.attach("/deployments/delete", DeploymentsDeleteResource.class);

    router.attach("/deployment/{deploymentId}", DeploymentDeleteResource.class);

   

    router.attach("/management/jobs", JobsResource.class);

    router.attach("/management/job/{jobId}", JobResource.class);

    router.attach("/management/job/{jobId}/execute", JobExecuteResource.class);

    router.attach("/management/jobs/execute", JobsExecuteResource.class);

   

    router.attach("/management/tables", TablesResource.class);

    router.attach("/management/table/{tableName}", TableResource.class);

    router.attach("/management/table/{tableName}/data", TableDataResource.class);

   

    authenticator.setNext(router);

   

    return authenticator;

  }

 

  public String authenticate(Request request, Response response) {

    if (!request.getClientInfo().isAuthenticated()) {

      authenticator.challenge(response, false);

      return null;

    }

    return request.getClientInfo().getUser().getIdentifier();

  }

}

0
0
查看评论

jeesite用户、组与activiti用户、组

1.jeesite通过代码和配置文件接管了了Activiti的用户和组,开发中无需理会activiti的用户和组。使用系统的用户管理即可。 2.jeesite是通过角色来对应Activiti的群组群组编码。 流程图用户组编码: 3.当流程执行到该节点时,该dept角色所有成员均可以...
  • a774630093
  • a774630093
  • 2017-08-14 13:25
  • 645

[工作流与Activiti] - No.2 简易工作流系统搭建(1) : 用户管理

前一段时间一直在实训,给实训单位做了一些关于工作流引擎的项目。由于老师说这部分东西不属于保密部分,所以在这里记录一下自己学习activiti的一些心得。这个系列的文章将分为四部分,用户管理、模型管理、流程管理和Activiti modeler整合四个部分。在本篇文章中,我们讲解最简单的部分,那就是系...
  • tjuyanming
  • tjuyanming
  • 2017-07-13 19:21
  • 647

Activiti工作流框架学习笔记(一)

工作流的概念先看下面两张图: 对以上两张图进行说明: 假设这两张图就是华谊兄弟的请假流程图 图的组成部分: 人物:范冰冰、冯小刚、王中军 事件(动作):请假、批准、不批准 通过以上分析我们就可以抽象成: 接下来给出工作流的书面化概念: 工作流(Workflow),就是“业务过程的部...
  • yerenyuan_pku
  • yerenyuan_pku
  • 2017-05-07 00:52
  • 2598

组任务(group)activiti工作流的角色

组任务(group)activiti工作流的角色 1./**在部署流程定义和启动流程实例的中间,设置组任务的办理人,向Activiti表中存放组和用户的信息*/ IdentityService identityService = processEngine.getIdentityServi...
  • u010924288
  • u010924288
  • 2016-07-25 16:16
  • 3583

activiti工作流引擎自动部署autodeploy心得

转载来自:http://songxh2.iteye.com/blog/2033790 终于要做表单了,就用activiti内置的表单引擎juel吧,因为他遵循java EL新的规范,还支持参数传递,加上JQ的功能应该足够用了。      &#...
  • shehun11
  • shehun11
  • 2015-03-06 11:45
  • 1650

Activiti工作流引擎流程执行情况监控

通过扩展Activiti的API来获取流程实例的执行信息(json格式数据)、在前台动态渲染出监控图: 可以在此页面查看办理人和待办人等任务信息。
  • xiezunjin
  • xiezunjin
  • 2015-08-03 15:17
  • 2075

Activiti工作流(一)——Activiti Diagram

工作流解决在多个参与者之间按照某种预定义的规则传递文档、信息或任务的过程自动进行,从而实现某个预期的业务目标,或者促使此目标的实现。使用Eclipse开发,需要安排工作流插件,详情见下面。 Name:Activiti BPMN 2.0 designer Location:http://a...
  • u010066934
  • u010066934
  • 2016-01-09 10:07
  • 2413

Activiti工作流框架学习(二)——使用Activiti提供的API完成流程操作

可以在项目中加入log4j,将logj4.properties文件拷入到src目录下,这样框架执行的sql就可以输出到到控制台,log4j提供的日志级别有以下几种: Fatal  error  warn  info  debug  trace 一...
  • xnf1991
  • xnf1991
  • 2016-09-26 23:00
  • 6278

使用activiti工作流引擎显示流程图时高亮显示流程图中已执行节点和已执行路径方法(AutoEE_V2实现方式)

1 AutoEE-自动智能开发平台   AutoEE-自动智能快速开发平台官网:http://www.autoee.org   最新版本:AutoEE_V3.0.4 AutoEE_V2版本是在V1版本的基础上进行的升级改造,集成Act...
  • heishuang
  • heishuang
  • 2015-11-02 10:18
  • 2054

Activiti 统一身份管理

与当前系统的用户用户组集成,可以使用视图。用sql组织现有系统的用户组织等信息,只需要保证与之前activiti物理表名称结构一致即可。通过视图过渡实现与现有系统中用户组织等的集成(这样就不需要同步用户数据了)。图片摘自《Activiti实战》Activiti实战下载地址:这里写链接内容
  • xunzaosiyecao
  • xunzaosiyecao
  • 2016-06-13 19:38
  • 1628
    个人资料
    • 访问:31392次
    • 积分:806
    • 等级:
    • 排名:千里之外
    • 原创:38篇
    • 转载:75篇
    • 译文:0篇
    • 评论:0条
    文章分类