Bug 1231870

Summary: Missing documentation for embedding business-central
Product: [Retired] JBoss BPMS Platform 6 Reporter: Anton Giertli <agiertli>
Component: DocumentationAssignee: brms-docs <brms-docs>
Status: CLOSED EOL QA Contact: Tomas David <tdavid>
Severity: high Docs Contact: Dawn Eisner <deisner>
Priority: high    
Version: 6.1.0CC: agiertli, brms-docs, manstis, porcelli
Target Milestone: ---   
Target Release: One-off release   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-03-27 20:10:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Anton Giertli 2015-06-15 14:13:08 UTC 
I am not able to find any documentation regarding embedding workbench into custom web app.

This is supported and documented via community:
http://docs.jboss.org/jbpm/v6.2/userguide/wb.Workbench.html#wb.Embedding

On top of this community doc please include list of **all** possible perspectives.

I have found some of these here:

https://github.com/droolsjbpm/kie-wb-distributions/search?utf8=%E2%9C%93&q=WorkbenchPerspective

https://github.com/droolsjbpm/jbpm-console-ng/search?p=1&q=WorkbenchPerspective&type=Code&utf8=%E2%9C%93

Note that you have to use identifier (@WorkbenchPerspective(identifier="myId") and not the FQCN of the perspective.

It may also make sense to include full "demo" on how to use this - for example, this is what I have shared with customer as an example:

===test.html===
 <html>
  <head>
    <title>Test</title>
  </head>
  <body>
    <iframe id="ifrm" width="1920" height="1080" src='http://localhost:8080/business-central?standalone=&perspective=AuthoringPerspective&header=AppNavBar'></iframe>
  </body>
</html>


Finally, somebody from QA/ENG will have to clarify the  x-frame-options which can be set in web.xml of business-central and how exactly it relates to the embedding workbench via iFrames. Possible values can be found here:


https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
Comment 1 Anton Giertli 2015-06-15 14:15:06 UTC 
The default value of x-frame-options is:

  <param-name>x-frame-options</param-name>
  <param-value>SAMEORIGIN</param-value> 

I think if you are embedding workbench in a different host you may need to set it like:

      <param-value>ALLOW-FROM http://host:port</param-value> 

but I am not really sure.
Comment 3 gsheldon 2015-07-15 04:23:07 UTC 
This topic has been added to the User Guide for both BRMS and BPM Suite. Setting to modified until changes are brewed.
Comment 5 Anton Giertli 2015-07-20 06:56:12 UTC 
Hi Michael,

we are trying to document embedding business-central into official product doc and I'd like to verify few  information.

1) What is the full list of available perspectives which can be used? So far, I have found this:

AdministrationPerspective
AuthoringPerspectiveNoContext
AuthoringPerspective
org.guvnor.m2repo.client.perspectives.GuvnorM2RepoPerspective

All taken from 
https://github.com/droolsjbpm/kie-wb-distributions/tree/6.2.x/kie-drools-wb/kie-drools-wb-webapp/src/main/java/org/kie/workbench/drools/client/perspectives

Are there any others?

2) What is the full list of possible header values? Community doc only  includes "ComplementNavArea". I have also found  "AppNavBar" and "LogoWidget". Anything else?

3) Can you please elaborate on x-frame-options in web.xml and how it relates to emebdding business-central? Possibly with examples.

I hope you are the right person to ask this information from, if not, please re-assign the NEEDINFO flag.

Thanks in advance,
Anton
Comment 6 manstis 2015-07-20 08:53:44 UTC 
1) These are the perspectives I can identify (where I do not know what it represents, I've put the IRC nick for somebody who will be able to advise if you need more information).

* AdministrationPerspective - Administration
* AppsPerspective - Plugin authoring (Applications)
* Asset Management - Asset Management
* ContributorsPerspective - Dashboard of Users and commits etc
* DashboardPerspective - dgutierr
* DataSetAuthoringPerspective - dgutierr
* DataSet Process Instances - dgutierr
* DataSet Tasks - dgutierr
* Deployments - maciejs
* AuthoringPerspectiveNoContext - Authoring, no Project Explorer
* AuthoringPerspective - Authoring
* FormDisplayPerspective - salaboy
* org.kie.workbench.common.screens.home.client.perspectives.HomePerspective - Home page
* Jobs - salaboy
* org.guvnor.m2repo.client.perspectives.GuvnorM2RepoPerspective - Artifact (Maven) Repository
* PlugInAuthoringPerspective - Plugin authoring (screens, menus, perspectives)
* Process Definitions - salaboy
* Process Instances - salaboy
* ServerManagementPerspective - KIE Execution Server management
* SocialHomePagePerspective - ederign
* StandaloneEditorPerspective - porcelli
* Tasks - salaboy
* UserHomePagePerspective - ederign

2) +3) I've reassign this to somebody who can advise.
Comment 7 Alexandre Porcelli 2016-01-07 12:20:01 UTC 
2) What is the full list of possible header values?
Actually this is sorta dynamic, every type that implements org.uberfire.client.workbench.Header interface can be used. Today on master the values are just "AppNavBar" and and "LogoWidget" ("ComplementNavArea" doesn't exist anymore for the upcoming 6.3 product).

3) BxMS sets X-Frame-Options to "SAMEORIGIN" in order to avoid clickjacking attacks (more info https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options). But if you need to embed it, for obvious reason, you won't have "SAMEORIGIN" anymore. So this why you need to tune it to "ALLOW-FROM" (that might not be supported by some browsers) or just remove it from web.xml.