rsoika on master
logging (compare)
rsoika on master
improved logging Issue #735 (compare)
rsoika on master
[maven-release-plugin] prepare … (compare)
rsoika on imixs-workflow-5.2.9
rsoika on master
[maven-release-plugin] prepare … (compare)
rsoika on master
documentation Issue #734 (compare)
rsoika on master
change Adapter API Issue #734 (compare)
rsoika on master
typo (compare)
rsoika on master
fixed Issue #733 (compare)
I am using Imixs-Workflow to build an application for managing proposals
for access to computing clusters. We will be using Tomcat TomEE 8.0 to
deploy the application. I have worked through the sample application and
have it running on my sandbox.
We would like to use custom or individual access roles with the
application. I have studied the page at
https://www.imixs.org/doc/deployment/security.html
and the details in the section "How to Define Individual Access Role"
but I do not understand precisely what I need to do. I have experience
with Java but I am not a Java EE expert.
To define a custom role do I need to define the role in the ejb-jar.xml
deployment descriptor? If so, do I need to define my own Java class and
what base class should I use?
I would be grateful for any pointers or other information you can
provide.
Hello Ralph I am using Imixs to make a workflow in which a user creates a proposal which is reviewed by three reviewers. The proposal needs to be approved by at least 2 of the reviewers for the workflow to continue. I'm trying to diagram this workflow by using gateways. Above this post I attached a screenshot of my diagram.
I am using the result plugin on an event to set an item to the workitem using the code:
<item name="reviewer1" type="integer">0</item>
At this page: https://www.imixs.org/doc/engine/plugins/resultplugin.html I've read that you will be able to update properties of the current workitem using the result plugin.
Later I'm trying to use the rule plugin to write a conditional expression in an exclusive gateway however I am unsure how to access the item which I set to the workitem previously using the result plugin. Could you clarify how I'd be able to access the item made using the result plugin later in the workflow?
Hello Ralph,
I am working on switching my version of Imixs from 4.5.0 to 5.0.2. However I am getting the error:
java.lang.NoClassDefFoundError: org/eclipse/microprofile/health/HealthCheck.
I am currently using apache-tommee-plus-8.0.0-M2. I have reviewed the pom.xml for the sample application for the version 5.0.0 and did not see any differences compared to my current pom.xml. Are there any changes necessary to pom.xml when building the new version?
Hello Ralph thanks for checking. We have moved to wildfly 17. We were able to run the sample application version 5.0.0. Originally we were using the version 4.2.1 of the workflow engine and now we want to update to 5.0.2. However, when we tried updating to 5.0.2 the view in our sub_tasklist.xhtml was not showing up with all of the data. We're getting our data using this:
class="imixsdatatable" style="width:100%"
value="#{viewHandler.getData(proposalController)}" var="workitem">.
And using this to output the data:
<h:column>
<f:facet name="header">
<h:outputText value="Requester Name" />
</f:facet>
<h:link outcome="/pages/workflow/workitem">
<h:column>
<f:facet name="header">
<h:outputText value="Requester Email" />
</f:facet>
<h:outputText value="#{workitem.item['email']}" />
</h:column>
However no data is showing up using that code. Is there any changes from 4.2.1 to 5.0.2 that we need to change in order for this data to show up?
Hello Ralph. I am working on implementing the mail plugin however was running into some errors. I added logging commands and learned that the method getRecipients in mailPlugin.java is including the logging username as a recipient which causes an error because the username is not a valid email. Do you know how I could fix this so that the username is not included in the recipients?
This is the error that I am getting:
WARNING [org.imixs.workflow.engine.plugins.MailPlugin] (default task-4) close failed with exception: javax.mail.SendFailedException: Invalid Addresses;
nested exception is:
com.sun.mail.smtp.SMTPAddressFailedException: 553 5.1.2 The recipient address <emily> is not a valid RFC-5321 address. cx22sm389452pjb.25 - gsmtp
Where 'emily' is my username.
You need a custom implementation of the MailPlugin. Just extend the mailPlugin and overwrite the method getInternetAddress()
public InternetAddress getInternetAddress(String aAddr) throws AddressException {
// is smtp address skip profile lookup?
if (aAddr.indexOf('@') > -1)
return super.getInternetAddress(aAddr);
else
return null;
}
You my also add some custom code to lookup the e-mail address from a user profile or ldap directory....
Thanks Ralph I got the .getUserNameList() method to work however I'm wondering how I can create my own unique roles. Currently I am using curly brackets to add a static list of user ids. However I would like my roles to show up when I use the getUserNameList() method. I am using wildfly to try to add the role 'reviewer'. In the process properties of the model I have defined the actor reviewer|namReviewer. In my sampleapp-roles.properties I have given the user 'Emily' the following roles:
emily=IMIXS-WORKFLOW-Author,IMIXS-WORKFLOW-Reader,reviewer
In my imixsrealm.properties I have defined reviewer as:
reviewer=org.imixs.ACCESSLEVEL.reviewer.
However when I use the .getUserNameList() method reviewer is not showing up as one of the roles. What should I be doing so that I'm able to add the new role?
This is an intressting point. And we have different mechansims to archive this.
One way is to define an external String Resource with the name 'ACCESS_ROLES'. You can provide a list of application specific Roles. The method getUserNameList will test these role names by ctx.isCallerInRole(testRole). I think, this is what you are searching for.
See here. But you need to define the resource 'ACCESS_ROLES' by the ejb-jar.xml descriptor which is not very elegant.
A smarter way is the CDI UserGroupEvent. See here.
You can observe this event and simply return a List of your application specific user roles.
To check if the user isInRole you can do this:
public void onUserGroupEvent(@Observes UserGroupEvent userGroupEvent) {
List<String> customGroups = new ArrayList<String>();
if (ctx.isCallerInRole("reviewer")) {
customGroups.add("reviewer");
}
userGroupEvent.setGroups(customGroups);
}