接上一篇:
第8篇:Flowable-Modeler集成之Flowable-modeler源码编译
https://blog.csdn.net/weixin_40816738/article/details/102901026

文章目录

  • 一、背景
  • 二、代码修改,去除认证
    • 2.1. 修改拦截请求
    • 2.2. 修改用户查询信息
    • 2.3. 账号查询请求修改
    • 2.4. 效果验证
    • 2.5. 登录验证
    • 三、集成设计

一、背景

目前我们已经修改完成了modeler单独编译,现在我们需要去除modeler的相关认证,并且自动使用超级用户来完成modeler的用户查询

二、代码修改,去除认证

2.1. 修改拦截请求

修改文件:SecurityConfiguration.java,让spring security不拦截请求,修改后代码:

/* Licensed under the Apache License, Version 2.0 (the "License");* you may not use this file except in compliance with the License.* You may obtain a copy of the License at**      http://www.apache.org/licenses/LICENSE-2.0** Unless required by applicable law or agreed to in writing, software* distributed under the License is distributed on an "AS IS" BASIS,* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.* See the License for the specific language governing permissions and* limitations under the License.*/
package org.flowable.ui.modeler.conf;import java.util.Collections;import org.flowable.ui.common.filter.FlowableCookieFilterRegistrationBean;
import org.flowable.ui.common.properties.FlowableCommonAppProperties;
import org.flowable.ui.common.properties.FlowableRestAppProperties;
import org.flowable.ui.common.security.ActuatorRequestMatcher;
import org.flowable.ui.common.security.ClearFlowableCookieLogoutHandler;
import org.flowable.ui.common.security.DefaultPrivileges;
import org.flowable.ui.common.service.idm.RemoteIdmService;
import org.flowable.ui.modeler.properties.FlowableModelerAppProperties;
import org.flowable.ui.modeler.security.AjaxLogoutSuccessHandler;
import org.flowable.ui.modeler.security.RemoteIdmAuthenticationProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
import org.springframework.boot.actuate.health.HealthEndpoint;
import org.springframework.boot.actuate.info.InfoEndpoint;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.header.writers.XXssProtectionHeaderWriter;/*** Based on http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#multiple-httpsecurity* * @author Joram Barrez* @author Tijs Rademakers* @author Filip Hrisafov*/
@Configuration
@EnableWebSecurity
public class SecurityConfiguration {private static final Logger LOGGER = LoggerFactory.getLogger(SecurityConfiguration.class);public static final String REST_ENDPOINTS_PREFIX = "/app/rest";@Autowiredprotected RemoteIdmAuthenticationProvider authenticationProvider;
//
//    @Bean
//    public FlowableCookieFilterRegistrationBean flowableCookieFilterRegistrationBean(RemoteIdmService remoteIdmService, FlowableCommonAppProperties properties) {
//        FlowableCookieFilterRegistrationBean filter = new FlowableCookieFilterRegistrationBean(remoteIdmService, properties);
//        filter.addUrlPatterns("/app/*");
//        filter.setRequiredPrivileges(Collections.singletonList(DefaultPrivileges.ACCESS_MODELER));
//        return filter;
//    }@Autowiredpublic void configureGlobal(AuthenticationManagerBuilder auth) {// Default auth (database backed)try {auth.authenticationProvider(authenticationProvider);} catch (Exception e) {LOGGER.error("Could not configure authentication mechanism:", e);}}//    @Configuration
//    @Order(10)
//    public static class FormLoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
//
//        @Autowired
//        protected FlowableCookieFilterRegistrationBean flowableCookieFilterRegistrationBean;
//
//        @Autowired
//        protected AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler;
//
//        @Override
//        protected void configure(HttpSecurity http) throws Exception {
//            http
//                .sessionManagement()
//                    .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
//                .and()
//                    .addFilterBefore(flowableCookieFilterRegistrationBean.getFilter(), UsernamePasswordAuthenticationFilter.class)
//                    .logout()
//                        .logoutUrl("/app/logout")
//                        .logoutSuccessHandler(ajaxLogoutSuccessHandler)
//                        .addLogoutHandler(new ClearFlowableCookieLogoutHandler())
//                .and()
//                    .csrf()
//                        .disable() // Disabled, cause enabling it will cause sessions
//                        .headers()
//                        .frameOptions()
//                        .sameOrigin()
//                        .addHeaderWriter(new XXssProtectionHeaderWriter())
//                .and()
//                    .authorizeRequests()
//                    .antMatchers(REST_ENDPOINTS_PREFIX + "/**").hasAuthority(DefaultPrivileges.ACCESS_MODELER);
//        }
//    }//// BASIC AUTH//@Configuration@Order(1)public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {protected final FlowableRestAppProperties restAppProperties;protected final FlowableModelerAppProperties modelerAppProperties;public ApiWebSecurityConfigurationAdapter(FlowableRestAppProperties restAppProperties,FlowableModelerAppProperties modelerAppProperties) {this.restAppProperties = restAppProperties;this.modelerAppProperties = modelerAppProperties;}protected void configure(HttpSecurity http) throws Exception {http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().csrf().disable();http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").permitAll();//            if (modelerAppProperties.isRestEnabled()) {
//
//
//                if (restAppProperties.isVerifyRestApiPrivilege()) {
//                    http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").hasAuthority(DefaultPrivileges.ACCESS_REST_API).and().httpBasic();
//                } else {
//                    http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").authenticated().and().httpBasic();
//
//                }
//
//            } else {
//                http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").denyAll();
//
//            }}}//// Actuator//@ConditionalOnClass(EndpointRequest.class)@Configuration@Order(5) // Actuator configuration should kick in before the Form Login there should always be http basic for the endpointspublic static class ActuatorWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {protected void configure(HttpSecurity http) throws Exception {http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and().csrf().disable();http.requestMatcher(new ActuatorRequestMatcher()).authorizeRequests().requestMatchers(EndpointRequest.to(InfoEndpoint.class, HealthEndpoint.class)).authenticated().requestMatchers(EndpointRequest.toAnyEndpoint()).hasAnyAuthority(DefaultPrivileges.ACCESS_ADMIN).and().httpBasic();}}
}

核心修改为:
http.antMatcher("/api/**").authorizeRequests().antMatchers("/api/**").permitAll();

2.2. 修改用户查询信息

核心文件为SecurityUtils.java,核心修改内容如下:

 /*** @return the {@link User} object associated with the current logged in user.*/public static User getCurrentUserObject() {if (assumeUser != null) {return assumeUser;}RemoteUser user = new RemoteUser();
//        FlowableAppUser appUser = getCurrentFlowableAppUser();
//        if (appUser != null) {
//            user = appUser.getUserObject();
//        }user.setId("admin");user.setDisplayName("admin");user.setFirstName("admin");user.setLastName("admin");user.setEmail("admin@admin.com");user.setPassword("test");List<String> pris = new ArrayList<>();pris.add(DefaultPrivileges.ACCESS_MODELER);pris.add(DefaultPrivileges.ACCESS_IDM);pris.add(DefaultPrivileges.ACCESS_ADMIN);pris.add(DefaultPrivileges.ACCESS_TASK);pris.add(DefaultPrivileges.ACCESS_REST_API);user.setPrivileges(pris);return user;}

2.3. 账号查询请求修改

如下,文件为RemoteAccountResource.java

    /*** GET /rest/account -> get the current user.*/@RequestMapping(value = "/rest/account", method = RequestMethod.GET, produces = "application/json")public UserRepresentation getAccount() {UserRepresentation userRepresentation = new UserRepresentation();userRepresentation.setFirstName("admin");userRepresentation.setLastName("admin");userRepresentation.setFullName("admin");userRepresentation.setId("admin");List<String> pris = new ArrayList<>();pris.add(DefaultPrivileges.ACCESS_MODELER);pris.add(DefaultPrivileges.ACCESS_IDM);pris.add(DefaultPrivileges.ACCESS_ADMIN);pris.add(DefaultPrivileges.ACCESS_TASK);pris.add(DefaultPrivileges.ACCESS_REST_API);userRepresentation.setPrivileges(pris);
//        UserRepresentation userRepresentation = null;
//        String currentUserId = SecurityUtils.getCurrentUserId();
//        if (currentUserId != null) {
//            RemoteUser remoteUser = remoteIdmService.getUser(currentUserId);
//            if (remoteUser != null) {
//                userRepresentation = new UserRepresentation(remoteUser);
//
//                if (remoteUser.getGroups() != null && remoteUser.getGroups().size() > 0) {
//                    List<GroupRepresentation> groups = new ArrayList<>();
//                    for (RemoteGroup remoteGroup : remoteUser.getGroups()) {
//                        groups.add(new GroupRepresentation(remoteGroup));
//                    }
//                    userRepresentation.setGroups(groups);
//                }
//
//                if (remoteUser.getPrivileges() != null && remoteUser.getPrivileges().size() > 0) {
//                    userRepresentation.setPrivileges(remoteUser.getPrivileges());
//                }
//
//            }
//        }if (userRepresentation != null) {return userRepresentation;} else {throw new NotFoundException();}}

2.4. 效果验证

通过类FlowableModelerApplication启动,启动后效果如下:

2.5. 登录验证

进入登录页面http://localhost:8889/flowable-modeler,没有认证直接可以进来

Modeler集成源码下载
github链接:https://github.com/gb-heima/flowable-root
网盘链接:

链接 https://pan.baidu.com/s/1nVAzNYRizCEwO9mVfTI01w
提取码 46b2

三、集成设计

将modeler作为一个单独的微服务存在,可以独立db,也可以公用db,如果独立db,那么将流程导出,在自己的框架中导入,公用db,配置个流程查询页面即可,代码到这个地步基本随便集成了,后续我们深入研究如何是用流程的一些API,并尽量设计一个通用的服务,敬请期待。

下一篇:
第10篇:Flowable-BPMN操作流程部署、启动
https://blog.csdn.net/weixin_40816738/article/details/102902348

第9篇:Flowable-Modeler集成以及集成代码下载相关推荐

  1. Flowable6.5 之 springboot集成flowable modeler设计器

    源码 githup上下载老版本源码https://github.com/flowable/flowable-engine/releases gitHub:https://github.com/flow ...

  2. Android架构篇-5 CI/CD(持续集成、持续交付、持续部署)

    Android架构篇-5 CI/CD(持续集成.持续交付.持续部署) CI CI是指持续集成,代码的更新会定期自动构建.测试并合并到公共仓库中,方便多分支时解决冲突问题 CD CD是指持续交付和/或持 ...

  3. iOS架构篇-5 CI/CD(持续集成、持续交付、持续部署)

    iOS架构篇-5 CI/CD(持续集成.持续交付.持续部署) CI CI是指持续集成,代码的更新会定期自动构建.测试并合并到公共仓库中,方便多分支时解决冲突问题 CD CD是指持续交付和/或持续部署, ...

  4. cdh的集成phoenix安装_环境篇:Kylin3.0.1集成CDH6.2.0

    环境篇:Kylin3.0.1集成CDH6.2.0 Kylin是什么? Apache Kylin™是一个开源的.分布式的分析型数据仓库,提供Hadoop/Spark 之上的 SQL 查询接口及多维分析( ...

  5. 持续集成学习笔记-入门篇(1)持续集成基本概念

    今年7月份中下旬,笔者见过一个号称"资深开发者"的哥们(据说编程有十来年了),笔者问他:"你们平时用的持续集成工具都有哪些?"这哥们回答:"那些都是骗 ...

  6. 虚拟设置里启用了集成服务器,unraid服务器all in one 篇七:双软集成无线路由光猫(下)...

    unraid服务器all in one 篇七:双软集成无线路由光猫(下) 2020-08-19 10:15:50 12点赞 74收藏 6评论 创作立场声明:本文所测商品为自费购入.如参加张大妈家的活动 ...

  7. (需求实战_进阶_02)SSM集成RabbitMQ 关键代码讲解、开发、测试

    接上一篇:(企业内部需求实战_进阶_01)SSM集成RabbitMQ 关键代码讲解.开发.测试 https://gblfy.blog.csdn.net/article/details/10419730 ...

  8. Get了!用Python制作数据预测集成工具 | 附代码

    作者 | 李秋键 责编 | 晋兆雨 大数据预测是大数据最核心的应用,是它将传统意义的预测拓展到"现测".大数据预测的优势体现在,它把一个非常困难的预测问题,转化为一个相对简单的描述 ...

  9. Java中集成极光推送实现给Android提送消息通知(附代码下载)

    场景 Android中集成极光推送实现推送消息通知与根据别名指定推送附示例代码下载: https://blog.csdn.net/BADAO_LIUMANG_QIZHI/article/details ...

  10. Android中集成Jpush实现推送消息通知与根据别名指定推送附示例代码下载

    场景 经常会有后台服务向Android推送消息通知的情况. 实现 首先在Android Studio中新建一个Android应用 在Project根目录的build.gradle中配置了jcenter ...

最新文章

  1. 循环for语句 if语句
  2. 独家 | 在Python编程面试前需要学会的10个算法(附代码)
  3. Cassandra 单机入门例子——有索引
  4. 常用函数式接口之Predicate
  5. java seconds_Java LocalTime minusSeconds()用法及代码示例
  6. Validform实时表单验证插件实例使用
  7. python type函数_Python type()函数
  8. 电能质量分析仪上位机软件安装和使用
  9. 【.NET6+WPF】WPF使用prism框架+Unity IOC容器实现MVVM双向绑定和依赖注入
  10. Linux fcntl函数详解
  11. android 动态修改pdf,PDF编辑器安卓版,手机也能修改PDF文档
  12. 如何用css绘制一个三角形
  13. HDU 5745 La Vie en rose (DP||模拟) 2016杭电多校联合第二场
  14. 苹果电脑上不错的几款计时软件
  15. 99%的人误解BLM中的“战略”与“执行”的关系及错误认为BLM/BEM就是战略解码的全部!
  16. 游戏角色写实头发制作
  17. 运放电路中何时加入偏置电流补偿电阻-运算放大器
  18. AI实战:文本自动摘要简述
  19. word2016如何插入题注并交叉引用
  20. asp.net928-研究生报名系统

热门文章

  1. 如何假装自己读懂了《时间简史》
  2. Kubernetes各个组件的概念
  3. hive的一些调优参数
  4. 语音识别学习日志 2019-7-16 语音识别基础知识准备5 {决策树算法(ID3、 C4.5、 CART)}
  5. vs2010常见错误记录
  6. Delta3d组件机制
  7. 移动云正式发布基于龙蜥 Anolis OS 的 BC-Linux V8.2 通用版操作系统
  8. CDN百科 | 假如没有CDN,网络世界会变成什么样?
  9. 支撑数千家天猫商家CRM业务,数云高弹性数据库如何做
  10. 国产数据库存储引擎X-Engine的科研之路