AnsweredAssumed Answered

RESTApp : Token validation instead of BASIC AUTH

Question asked by rangoo on Apr 8, 2013
Latest reply on Apr 11, 2013 by jbarrez
I am planning to use the Activiti REST app with a Token instead of basic authentication. I extended UserEntityManager to overide

 
checkPassword(String userId, String password)

I will receive a SAML Token instead of username/password from my REST Clients. so I will have to pass - UserID as null and a TokenStringinstead of password as there is no method which just accepts single parameter.

1) Should I still  overide checkpassword method although it doesn't look cleaner

OR

2) Should I modify Activiti Engine sources to add another command class. For UserEntityManager  to have a checkToken(String token) Method and  I could change loginResoucre.login method like this

getIdentityService().checkToken instead of pe.getIdentityService().checkPassword(

OR

3) Writing my Own REST App makes sense in my case ? :)
 
Suggestions are welcome

Outcomes