AnsweredAssumed Answered

Mechanism of management rights on the start of process?

Question asked by christoph.rettig on Oct 8, 2012
Latest reply on Oct 15, 2012 by jbarrez
Hi, I am on the way to upgrade from activiti 5.6 to 5.10 and found that there has been a change in
adding the possibility to query users/groups that have the right to start a given process.

As I implemented my own identity service like

  public class CspIdentityService implements IdentityService, org.activiti.engine.impl.interceptor.Session, InitializingBean

to be able to access my proprietary security entities from actititi (and not having to define users/groups in every application domain) I now have a problem
because this functionality forces me to include the activiti process definition model into my own security model as well.

I don't think that this is a good idea as this couples security concerns with process concerns and also forces me to be aware of the actitivi database tables:(

Is there any suggestion how I can proceed here? I know there is also now a sample implementation of LDAP security service (at least it comes with the book)
and I don't think that in LDAP you will want to manage this type of security as well)?

  regards, Chris