AnsweredAssumed Answered

5.17 Securing Activiti Explorer login - LDAP

Question asked by mlfitz2 on Mar 30, 2015
Latest reply on Oct 18, 2016 by will.lin
I was wondering if someone might provide some clarification.  I'm trying to secure Activiti-Explorer's login to our ldap server.

What I have done so far is:
    - create my own LoginIdentityService that extends IdentityServiceImpl
    - overrode every method.  In each overriden method, I did a sysout and then called the appropriate method on super.
    - updated activiti.login.context.xml file to inject my new class into the defaultLoginHandler bean.

Mainly what I'm trying to do above is determine which methods are being called to authenticate the logged in user.  This way I can override those methods and implement my own ldap solution.  Is this the appropriate way of doing this?  As soon as I overrode the methods I could see in the logs that "checkPassword" was being invoked.  Even though my class calls the method on super after I print to log, I can't login using kermit or any other sample uers.  I assume I have the incorrect superclass defined?

Also, how is everyone injecting admin groups and user groups to secure the page?  I didn't find any documentation on this.

Thanks in advance!

Outcomes