How can I assign an openAM user to the Activiti processes.
I have an openAM that is running on apache and side by side I have an spring application Activiti Processes.
how can i add a user through openAM to my BPMn process.
1 i have integrated my openAM with activiti process application.
<?xml version="1.0" encoding="UTF-8"?>
<bpmn2:definitions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:bpmn2="http://www.omg.org/spec/BPMN/20100524/MODEL"
xmlns:bpmndi="http://www.omg.org/spec/BPMN/20100524/DI"
xmlns:dc="http://www.omg.org/spec/DD/20100524/DC"
xmlns:di="http://www.omg.org/spec/DD/20100524/DI"
xmlns:activiti="http://activiti.org/bpmn"
id="sample-diagram"
targetNamespace="http://bpmn.io/schema/bpmn"
xsi:schemaLocation="http://www.omg.org/spec/BPMN/20100524/MODEL BPMN20.xsd">
<bpmn2:process id="sampleproc-e9b76ff9-6f70-42c9-8dee-f6116c533a6d" name="Sample Process" isExecutable="true">
<bpmn2:documentation />
<bpmn2:startEvent id="StartEvent_1">
<bpmn2:outgoing>SequenceFlow_0qdq7ff</bpmn2:outgoing>
</bpmn2:startEvent>
<bpmn2:userTask id="UserTask_0b6cp1l" name="User Task 1" activiti:assignee="demo">
<bpmn2:incoming>SequenceFlow_0qdq7ff</bpmn2:incoming>
<bpmn2:outgoing>SequenceFlow_1sc9dgy</bpmn2:outgoing>
</bpmn2:userTask>
<bpmn2:sequenceFlow id="SequenceFlow_0qdq7ff" sourceRef="StartEvent_1" targetRef="UserTask_0b6cp1l" />
<bpmn2:serviceTask id="ServiceTask_1wg38me" name="Service Task 1" implementation="serviceTask1Impl">
<bpmn2:incoming>SequenceFlow_1sc9dgy</bpmn2:incoming>
<bpmn2:outgoing>SequenceFlow_0t37jio</bpmn2:outgoing>
</bpmn2:serviceTask>
<bpmn2:sequenceFlow id="SequenceFlow_1sc9dgy" sourceRef="UserTask_0b6cp1l" targetRef="ServiceTask_1wg38me" />
<bpmn2:endEvent id="EndEvent_0irytw8">
<bpmn2:incoming>SequenceFlow_0t37jio</bpmn2:incoming>
</bpmn2:endEvent>
you may have several options, based on your deployment.
If you use 'domain cookies' you could just use a simple servlet filter based on https://backstage.forgerock.com/docs/openam/13.5/apidocs/com/iplanet/sso/SSOTokenManager.html
You could do the same if OpenAM and your web app are accessed via the same FQDN (e.g. using an HTTP reverse-proxy)
If OpenAM and the FQDN used to access the Spring app do not share a cookie domain, you could either use an OpenAM Policy Agent that solves this for you or you could use an internet standards based approach by leveraging SAML or OIDC.
Spring Security has modules for both or you apply a module in an HTTP reverse-proxy server (e.g. Apache http server, mod_auth_mellon for SAML or mod_auth_oidc for OIDC).
I can't seem to find a simple article on how to publish an existing restAPI through WSO2 ESB as proxy.
I have an existing API which responds with either Json or XML output based on content-type on the header. I would like to publish this api through the WSO2 ESB as proxy. I don't think WSO2 Application server is needed in this case, as the rest api is running on its own app server.
API:
http://somehost.com:8001/api/BusinessApi/GetContentTypes
Response:
[{"contentTypeID":1,"name":"Movies","isTop":true,"subLevels":1,"contentTypeIdBase":1},{"contentTypeID":2,"name":"TV Show","isTop":true,"subLevels":3,"contentTypeIdBase":4},{"contentTypeID":3,"name":"TV Season","isTop":false,"subLevels":2,"contentTypeIdBase":4},{"contentTypeID":4,"name":"TV Episode","isTop":false,"subLevels":1,"contentTypeIdBase":4},{"contentTypeID":5,"name":"Music Album","isTop":true,"subLevels":2,"contentTypeIdBase":6},{"contentTypeID":6,"name":"Music Track","isTop":false,"subLevels":1,"contentTypeIdBase":6},{"contentTypeID":7,"name":"Music Video","isTop":false,"subLevels":1,"contentTypeIdBase":7},{"contentTypeID":8,"name":"Book Set","isTop":false,"subLevels":1,"contentTypeIdBase":8},{"contentTypeID":9,"name":"Books","isTop":true,"subLevels":1,"contentTypeIdBase":9}]
The objective is to publish the api via WSO2 ESB and try to achieve the below actions:
Logging the API calls
Messaging/ forking calls based on a criteria
Centralize all API calls authentication model
Is it possible to just run ESB server to achieve this function?
Thanks in Advance!!
Setting up a proxy API, this can only be done via
adding API option under main->service-bus->APIs
Give the API a custom name, which is the identity on WSO2 ESB.
Give the context which is your custom resource.
go to the source view and add the below source
Begin of snippet
<api xmlns="http://ws.apache.org/ns/synapse" name="GetC" context="/api1">
<resource methods="GET" url-mapping="/">
<inSequence>
<log/>
<send>
<endpoint>
<address uri="http://somehost.com:8001/api/businessApi/GetContentTypes"/>
</endpoint>
</send>
</inSequence>
<outSequence>
<log/>
<send/>
</outSequence>
</resource>
</api>
End of snippet
You should now be to access the api via ESB proxy url
With your approach, you have created an api in ESB, which passes the request to your backend api. During this you expect to log every api call and control authentication too. I didn't understand the forking requirement.
Have you tried WSO2 API Manager? It will allow you to make your api a managed api. i.e. You will be able to control access to your api via oauth tokens. You can log the api calls too (although its not a good thing to log every call due to performance reasons).
If you integrate it with WSO2 DAS, you will be able to see some useful stats too. This is the API Manager documentation.
https://docs.wso2.com/display/AM1100/WSO2+API+Manager+Documentation
I tried to use mule as simple http proxy but seeing cookies that are send from the actual endpoint server is not passed on to the the client. Mule response has only one cookie.
<flow name="HelloWorld" doc:name="HelloWorld">
<http:inbound-endpoint exchange-pattern="request-response" host="localhost" port="8888" doc:name="Http Endpoint"/>
<http:outbound-endpoint
method="GET" exchange-pattern="request-response"
address="http://www.google.com"
contentType="text/html" doc:name="HTTP" />
</flow>
I think your problem is not passing the cookies to the client, but the fact that the cookies you receive will point to .google.com domain, so a basic web browser will probably reject them for security reasons when they come from localhost domain, and even if they were not rejected, they would not be sent along a subsequent call to localhost.
Now, the cookies come from the http outbound as a list that you can iterate and update with something like
#[foreach (cookie: message.inboundProperties['Set-Cookie']) {cookie.domain='localhost'}]
but you will also need to check for the existence of Set-Cookie property to not produce a null pointer exception when no cookies are set by the server.
for debugging your proxy app, you can/should also log the message you receive from the http outbound to see if cookies are present.
From the client/browser to the proxied server, I think the cookies should work just fine, as there is no domain data involved.
I need to support an operation both via SOAP and file dropping on a folder. Most of the logic will be he same. Is it possible to trigger the same flow with two message sources? I cant seem to find a way. Thanks
Use a composite message source:
<composite-source>
<file:inbound-endpoint ... />
<http:inbound-endpoint ... />
</composite-source>
If you use CXF, you'll have to stick the service element inside the HTTP inbound endpoint.
I'm new to Mule and am trying to setup a web server [in Mule] to "replace" an existing Java server - which simply proxies for a SOAP web service.
So:
Web client (js/html) requests a static resource
Mule Server must return the static resource
or
Web client uses Jquery Ajax (json) request with path starting with "api/"
Mule Server must forward the request to the Java server (to use the old API)
or
Web client uses Jquery Ajax request with path starting with "sapi/"
Mule Server must translate the request to XML and call the SOAP server (for new api calls)
I'm struggling to find a good starting point:
I've played with Ajax connectors (and end-points) and can get the static content served - but not sure where to go with the api calls (don't want to force the client app to use mule.js)
I've played with HTTP end points, and I can't get the static content served (implicit Content-Type issue)
Any help will be appreciated...
Use http:static-resource-handler to serve your static content: it should take care of the content types for you. See for more info: http://www.mulesoft.org/documentation/display/current/HTTP+Transport+Reference#HTTPTransportReference-ServingStaticContent%28sinceMule3.2%29
Forget about the Ajax connector, all you need is the HTTP connector. Bind one HTTP endpoint on api and the other on sapi.
When forwarding the request, be sure to propagate headers and, potentially, path extension after api/. See the example below to see how this is typically done.
<flow name="rawProxy">
<http:inbound-endpoint
address="http://localhost:${http.port}/rest-proxies/raw"
exchange-pattern="request-response" />
<copy-properties propertyName="*" />
<http:outbound-endpoint address="http://localhost:${http.port}/rest/#[message.inboundProperties['http.relative.path']]?#[message.inboundProperties['http.query.string']]"
exchange-pattern="request-response" />
<response>
<copy-properties propertyName="*" />
</response>
</flow>
If the SOAP API you're calling as a WSDL then generate a client for it and instead of transforming to XML, transform to the request object it expects.