第9篇:Flowable-Modeler集成以及集成代码下载
生活随笔
收集整理的這篇文章主要介紹了
第9篇:Flowable-Modeler集成以及集成代码下载
小編覺得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.
接上一篇:
第8篇:Flowable-Modeler集成之Flowable-modeler源碼編譯
https://blog.csdn.net/weixin_40816738/article/details/102901026
文章目錄
- 一、背景
- 二、代碼修改,去除認(rèn)證
- 2.1. 修改攔截請求
- 2.2. 修改用戶查詢信息
- 2.3. 賬號查詢請求修改
- 2.4. 效果驗(yàn)證
- 2.5. 登錄驗(yàn)證
- 三、集成設(shè)計(jì)
一、背景
目前我們已經(jīng)修改完成了modeler單獨(dú)編譯,現(xiàn)在我們需要去除modeler的相關(guān)認(rèn)證,并且自動使用超級用戶來完成modeler的用戶查詢
二、代碼修改,去除認(rèn)證
2.1. 修改攔截請求
修改文件:SecurityConfiguration.java,讓spring security不攔截請求,修改后代碼:
/* Licensed under the Apache License, Version 2.0 (the "License");* you may not use this file except in compliance with the License.* You may obtain a copy of the License at** http://www.apache.org/licenses/LICENSE-2.0** Unless required by applicable law or agreed to in writing, software* distributed under the License is distributed on an "AS IS" BASIS,* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.* See the License for the specific language governing permissions and* limitations under the License.*/ package org.flowable.ui.modeler.conf;import java.util.Collections;import org.flowable.ui.common.filter.FlowableCookieFilterRegistrationBean; import org.flowable.ui.common.properties.FlowableCommonAppProperties; import org.flowable.ui.common.properties.FlowableRestAppProperties; import org.flowable.ui.common.security.ActuatorRequestMatcher; import org.flowable.ui.common.security.ClearFlowableCookieLogoutHandler; import org.flowable.ui.common.security.DefaultPrivileges; import org.flowable.ui.common.service.idm.RemoteIdmService; import org.flowable.ui.modeler.properties.FlowableModelerAppProperties; import org.flowable.ui.modeler.security.AjaxLogoutSuccessHandler; import org.flowable.ui.modeler.security.RemoteIdmAuthenticationProvider; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest; import org.springframework.boot.actuate.health.HealthEndpoint; import org.springframework.boot.actuate.info.InfoEndpoint; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.core.annotation.Order; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.header.writers.XXssProtectionHeaderWriter;/*** Based on http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#multiple-httpsecurity* * @author Joram Barrez* @author Tijs Rademakers* @author Filip Hrisafov*/ @Configuration @EnableWebSecurity public class SecurityConfiguration {private static final Logger LOGGER = LoggerFactory.getLogger(SecurityConfiguration.class);public static final String REST_ENDPOINTS_PREFIX = "/app/rest";@Autowiredprotected RemoteIdmAuthenticationProvider authenticationProvider; // // @Bean // public FlowableCookieFilterRegistrationBean flowableCookieFilterRegistrationBean(RemoteIdmService remoteIdmService, FlowableCommonAppProperties properties) { // FlowableCookieFilterRegistrationBean filter = new FlowableCookieFilterRegistrationBean(remoteIdmService, properties); // filter.addUrlPatterns("/app/*"); // filter.setRequiredPrivileges(Collections.singletonList(DefaultPrivileges.ACCESS_MODELER)); // return filter; // }@Autowiredpublic void configureGlobal(AuthenticationManagerBuilder auth) {// Default auth (database backed)try {auth.authenticationProvider(authenticationProvider);} catch (Exception e) {LOGGER.error("Could not configure authentication mechanism:", e);}}// @Configuration // @Order(10) // public static class FormLoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { // // @Autowired // protected FlowableCookieFilterRegistrationBean flowableCookieFilterRegistrationBean; // // @Autowired // protected AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler; // // @Override // protected void configure(HttpSecurity http) throws Exception { // http // .sessionManagement() // .sessionCreationPolicy(SessionCreationPolicy.STATELESS) // .and() // .addFilterBefore(flowableCookieFilterRegistrationBean.getFilter(), UsernamePasswordAuthenticationFilter.class) // .logout() // .logoutUrl("/app/logout") // .logoutSuccessHandler(ajaxLogoutSuccessHandler) // .addLogoutHandler(new ClearFlowableCookieLogoutHandler()) // .and() // .csrf() // .disable() // Disabled, cause enabling it will cause sessions // .headers() // .frameOptions() // .sameOrigin() // .addHeaderWriter(new XXssProtectionHeaderWriter()) // .and() // .authorizeRequests() // .antMatchers(REST_ENDPOINTS_PREFIX + "/**").hasAuthority(DefaultPrivileges.ACCESS_MODELER); // } // }//// BASIC AUTH//@Configuration@Order(1)public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {protected final FlowableRestAppProperties restAppProperties;protected final FlowableModelerAppProperties modelerAppProperties;public ApiWebSecurityConfigurationAdapter(FlowableRestAppProperties restAppProperties,FlowableModelerAppProperties modelerAppProperties) {this.restAppProperties = restAppProperties;this.modelerAppProperties = modelerAppProperties;}protected void configure(HttpSecurity http) throws Exception {http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().csrf().disable();http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").permitAll();// if (modelerAppProperties.isRestEnabled()) { // // // if (restAppProperties.isVerifyRestApiPrivilege()) { // http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").hasAuthority(DefaultPrivileges.ACCESS_REST_API).and().httpBasic(); // } else { // http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").authenticated().and().httpBasic(); // // } // // } else { // http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").denyAll(); // // }}}//// Actuator//@ConditionalOnClass(EndpointRequest.class)@Configuration@Order(5) // Actuator configuration should kick in before the Form Login there should always be http basic for the endpointspublic static class ActuatorWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {protected void configure(HttpSecurity http) throws Exception {http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().csrf().disable();http.requestMatcher(new ActuatorRequestMatcher()).authorizeRequests().requestMatchers(EndpointRequest.to(InfoEndpoint.class, HealthEndpoint.class)).authenticated().requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyAuthority(DefaultPrivileges.ACCESS_ADMIN).and().httpBasic();}} }核心修改為:
http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").permitAll();
2.2. 修改用戶查詢信息
核心文件為SecurityUtils.java,核心修改內(nèi)容如下:
/*** @return the {@link User} object associated with the current logged in user.*/public static User getCurrentUserObject() {if (assumeUser != null) {return assumeUser;}RemoteUser user = new RemoteUser(); // FlowableAppUser appUser = getCurrentFlowableAppUser(); // if (appUser != null) { // user = appUser.getUserObject(); // }user.setId("admin");user.setDisplayName("admin");user.setFirstName("admin");user.setLastName("admin");user.setEmail("admin@admin.com");user.setPassword("test");List<String> pris = new ArrayList<>();pris.add(DefaultPrivileges.ACCESS_MODELER);pris.add(DefaultPrivileges.ACCESS_IDM);pris.add(DefaultPrivileges.ACCESS_ADMIN);pris.add(DefaultPrivileges.ACCESS_TASK);pris.add(DefaultPrivileges.ACCESS_REST_API);user.setPrivileges(pris);return user;}2.3. 賬號查詢請求修改
如下,文件為RemoteAccountResource.java:
/*** GET /rest/account -> get the current user.*/@RequestMapping(value = "/rest/account", method = RequestMethod.GET, produces = "application/json")public UserRepresentation getAccount() {UserRepresentation userRepresentation = new UserRepresentation();userRepresentation.setFirstName("admin");userRepresentation.setLastName("admin");userRepresentation.setFullName("admin");userRepresentation.setId("admin");List<String> pris = new ArrayList<>();pris.add(DefaultPrivileges.ACCESS_MODELER);pris.add(DefaultPrivileges.ACCESS_IDM);pris.add(DefaultPrivileges.ACCESS_ADMIN);pris.add(DefaultPrivileges.ACCESS_TASK);pris.add(DefaultPrivileges.ACCESS_REST_API);userRepresentation.setPrivileges(pris); // UserRepresentation userRepresentation = null; // String currentUserId = SecurityUtils.getCurrentUserId(); // if (currentUserId != null) { // RemoteUser remoteUser = remoteIdmService.getUser(currentUserId); // if (remoteUser != null) { // userRepresentation = new UserRepresentation(remoteUser); // // if (remoteUser.getGroups() != null && remoteUser.getGroups().size() > 0) { // List<GroupRepresentation> groups = new ArrayList<>(); // for (RemoteGroup remoteGroup : remoteUser.getGroups()) { // groups.add(new GroupRepresentation(remoteGroup)); // } // userRepresentation.setGroups(groups); // } // // if (remoteUser.getPrivileges() != null && remoteUser.getPrivileges().size() > 0) { // userRepresentation.setPrivileges(remoteUser.getPrivileges()); // } // // } // }if (userRepresentation != null) {return userRepresentation;} else {throw new NotFoundException();}}2.4. 效果驗(yàn)證
通過類FlowableModelerApplication啟動,啟動后效果如下:
2.5. 登錄驗(yàn)證
進(jìn)入登錄頁面http://localhost:8889/flowable-modeler,沒有認(rèn)證直接可以進(jìn)來
Modeler集成源碼下載
github鏈接:https://github.com/gb-heima/flowable-root
網(wǎng)盤鏈接:
| 提取碼 | 46b2 |
三、集成設(shè)計(jì)
將modeler作為一個(gè)單獨(dú)的微服務(wù)存在,可以獨(dú)立db,也可以公用db,如果獨(dú)立db,那么將流程導(dǎo)出,在自己的框架中導(dǎo)入,公用db,配置個(gè)流程查詢頁面即可,代碼到這個(gè)地步基本隨便集成了,后續(xù)我們深入研究如何是用流程的一些API,并盡量設(shè)計(jì)一個(gè)通用的服務(wù),敬請期待。
下一篇:
第10篇:Flowable-BPMN操作流程部署、啟動
https://blog.csdn.net/weixin_40816738/article/details/102902348
總結(jié)
以上是生活随笔為你收集整理的第9篇:Flowable-Modeler集成以及集成代码下载的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Activiti6 use spring
- 下一篇: 第8篇:Flowable快速工作流脚手架