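[7] Camunda, the Open-Source Workflow Framework, Explained Simply: Code Analysis of the camunda-webapp User Login Feature
Posted by Zhu Qingyun's Tech Blog (朱清云的技术博客)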
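In the previous chapter, "[6] Camunda, the Open-Source Workflow Framework, Explained Simply: How to Remotely Debug the camunda-webapp Source Code", I explained how to remote-debug Camunda. In this chapter I walk through the code behind the camunda-webapp user login feature. First, as before, enter http://127.0.0.1:8080/camunda/app/welcome/default/#!/login
After you click the "Login" button, the following code is executed: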
package org.camunda.bpm.webapp.impl.security.auth;

import java.util.ArrayList;
import java.util.List;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;

import org.camunda.bpm.engine.ProcessEngine;
import org.camunda.bpm.engine.identity.Group;
import org.camunda.bpm.engine.identity.Tenant;
import org.camunda.bpm.engine.rest.exception.InvalidRequestException;
import org.camunda.bpm.webapp.impl.util.ProcessEngineUtil;

/**
 * Jax-Rs resource allowing users to authenticate with username and password
 *
 * @author Daniel Meyer
 *
 */
@Path(UserAuthenticationResource.PATH)
public class UserAuthenticationResource {

  public static final String PATH = "/auth/user";

  @Context
  protected HttpServletRequest request;

  // returns the authentication already bound to the current session, if any
  @GET
  @Path("/{processEngineName}")
  public Response getAuthenticatedUser(@PathParam("processEngineName") String engineName) {
    Authentications allAuthentications = Authentications.getCurrent();

    if (allAuthentications == null) {
      return notFound();
    }

    Authentication engineAuth = allAuthentications.getAuthenticationForProcessEngine(engineName);

    if (engineAuth == null) {
      return notFound();
    } else {
      return Response.ok(AuthenticationDto.fromAuthentication(engineAuth)).build();
    }
  }

  @POST
  @Path("/{processEngineName}/login/{appName}")
  public Response doLogin(
      @PathParam("processEngineName") String engineName,
      @PathParam("appName") String appName,
      @FormParam("username") String username,
      @FormParam("password") String password) {

    final ProcessEngine processEngine = ProcessEngineUtil.lookupProcessEngine(engineName);
    if (processEngine == null) {
      throw new InvalidRequestException(Status.BAD_REQUEST, "Process engine with name " + engineName + " does not exist");
    }

    // make sure authentication is executed without authentication :)
    processEngine.getIdentityService().clearAuthentication();

    // check password / username
    boolean isPasswordValid = processEngine.getIdentityService().checkPassword(username, password);

    if (!isPasswordValid) {
      return unauthorized();
    }

    AuthenticationService authenticationService = new AuthenticationService();
    UserAuthentication authentication = (UserAuthentication) authenticationService.createAuthenticate(processEngine, username, null, null);

    // valid credentials are not enough: the user must also be authorized for the requested app
    Set<String> authorizedApps = authentication.getAuthorizedApps();

    if (!authorizedApps.contains(appName)) {
      return forbidden();
    }

    if (request != null) {
      Authentications.revalidateSession(request, authentication);
    }

    return Response.ok(AuthenticationDto.fromAuthentication(authentication)).build();
  }

  protected List<String> getGroupsOfUser(ProcessEngine engine, String userId) {
    List<Group> groups = engine.getIdentityService().createGroupQuery()
        .groupMember(userId)
        .list();

    List<String> groupIds = new ArrayList<String>();
    for (Group group : groups) {
      groupIds.add(group.getId());
    }
    return groupIds;
  }

  protected List<String> getTenantsOfUser(ProcessEngine engine, String userId) {
    List<Tenant> tenants = engine.getIdentityService().createTenantQuery()
        .userMember(userId)
        .includingGroupsOfUser(true)
        .list();

    List<String> tenantIds = new ArrayList<String>();
    for (Tenant tenant : tenants) {
      tenantIds.add(tenant.getId());
    }
    return tenantIds;
  }

  @POST
  @Path("/{processEngineName}/logout")
  public Response doLogout(@PathParam("processEngineName") String engineName) {
    final Authentications authentications = Authentications.getCurrent();

    // remove authentication for process engine
    authentications.removeAuthenticationForProcessEngine(engineName);

    return Response.ok().build();
  }

  protected Response unauthorized() {
    return Response.status(Status.UNAUTHORIZED).build();
  }

  protected Response forbidden() {
    return Response.status(Status.FORBIDDEN).build();
  }

  protected Response notFound() {
    return Response.status(Status.NOT_FOUND).build();
  }
}
The code above is from the class UserAuthenticationResource, which invokes the doLogin() method; the overall authentication flow is illustrated in the figure below.
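The order of checks in doLogin() and the HTTP status each one produces, as an added example that is not part of the original post or of Camunda's own code. The class name LoginFlowModel, the engine name, the users, passwords and app grants are constructed sample data, and the in-memory lookups stand in for IdentityService.checkPassword() and getAuthorizedApps():

```java
import java.util.Map;
import java.util.Set;

// Added illustration: models only the order of checks in doLogin().
// All identity data below is constructed; nothing here calls Camunda.
public class LoginFlowModel {

  // Constructed stand-in for one process engine's identity data.
  record Engine(Map<String, String> passwords, Map<String, Set<String>> authorizedApps) {}

  static final Map<String, Engine> ENGINES = Map.of(
      "default", new Engine(
          Map.of("demo", "demo-pw", "john", "john-pw"),
          Map.of("demo", Set.of("welcome", "cockpit", "tasklist", "admin"),
                 "john", Set.of("welcome", "tasklist"))));

  /** Returns the HTTP status doLogin() answers with for this request. */
  static int loginStatus(String engineName, String appName, String username, String password) {
    Engine engine = ENGINES.get(engineName);
    if (engine == null) {
      return 400; // InvalidRequestException(Status.BAD_REQUEST, ...)
    }
    // Plain string comparison only because this is a model of checkPassword().
    String expected = engine.passwords().get(username);
    if (expected == null || !expected.equals(password)) {
      return 401; // unauthorized(): unknown user and wrong password look the same
    }
    Set<String> apps = engine.authorizedApps().getOrDefault(username, Set.of());
    if (!apps.contains(appName)) {
      return 403; // forbidden(): credentials were valid, app is not granted
    }
    return 200;   // session is revalidated and the AuthenticationDto is returned
  }

  public static void main(String[] args) {
    String[][] requests = {
        {"missing", "cockpit", "demo", "demo-pw"},  // unknown engine
        {"default", "cockpit", "demo", "wrong"},    // bad password
        {"default", "cockpit", "ghost", "x"},       // unknown user
        {"default", "cockpit", "john", "john-pw"},  // valid user, no cockpit grant
        {"default", "cockpit", "demo", "demo-pw"},  // full success
    };
    for (String[] r : requests) {
      System.out.printf("engine=%s app=%s user=%s -> %d%n",
          r[0], r[1], r[2], loginStatus(r[0], r[1], r[2], r[3]));
    }
  }
}
```

A 403 is reachable only after the password check has passed, so a 403 on this endpoint in the access logs means the submitted credentials were valid but the user is not authorized for that app.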