AnsweredAssumed Answered

RESTApp : Token validation instead of BASIC AUTH

Question asked by rangoo on Apr 8, 2013
Latest reply on Apr 11, 2013 by jbarrez
I am planning to use the Activiti REST app with a Token instead of basic authentication. I extended UserEntityManager to overide

checkPassword(String userId, String password)

I will receive a SAML Token instead of username/password from my REST Clients. so I will have to pass - UserID as null and a TokenStringinstead of password as there is no method which just accepts single parameter.

1) Should I still  overide checkpassword method although it doesn't look cleaner


2) Should I modify Activiti Engine sources to add another command class. For UserEntityManager  to have a checkToken(String token) Method and  I could change loginResoucre.login method like this

getIdentityService().checkToken instead of pe.getIdentityService().checkPassword(


3) Writing my Own REST App makes sense in my case ? :)
Suggestions are welcome