Hide Forgot
Date of First Response: 2008-09-19 09:17:02 project_key: SOA With jBPM orchestrated services, we want to map the security context which is being maintained in message properties into jBPM context variables, and back into the ESB message.
From Jeff ... "The SSO token can be propagated between services orchestrated by jBPM by copying it back and forth between the jBPM Context and the ESB Message. For example: <action name="create_new_process_instance" class="org.jboss.soa.esb.services.jbpm.actions.BpmProcessor"> <property name="command" value="StartProcessInstanceCommand" /> <property name="process-definition-name" value="helloWorld"/> <property name="esbToBpmVars"> <mapping esb="BODY_CONTENT" bpm="request" /> <mapping esb="properties.'org.jboss.soa.esb.services.security.context'" bpm="securityContext" /> </property> </action> Note that the dot delimited context name has single quotes around it, and is prefaced with properties, since that is where the security context is currently situated in the ESB Message. A similar mapping must be configured in the JPDL process definition ESB Service Node."
It is not possible to propagate security context in this way because it is not accessible in action pipeline (esbMessage.getContext().removeContext(SecurityService.CONTEXT); is called before processing the pipeline).
Link: Added: This issue depends JBESB-2122
Not only that but the location has moved to a context area. In theory the security context should be driven by the jBPM process but this is not happening. We are therefore going to investigate some workarounds, one of which might be to use the initial context. Of course this particular suggestion does not help if the process instance is *not* created by the ESB.
Release Note: JBESB-2122 Security contexts can now be propagated between ESB services and jBPM Orchestrations.
Verified with CR5 and added to automated tests.