Versions Compared

Old Version 1

changes.mady.by.user Sitthipong Boonkhoom

Saved on

compared with

New Version Current

changes.mady.by.user Zhang Allen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

User logs in to external system and implicitly gains access to Joget Workflow without being prompted to login again.

Using JSON API

用户登录到外部系统,隐式获得对Joget Workflow的访问,而不会再提示重新登录。

使用JSON API

  • 使用  Using '/web/json/directory/user/sso'   JSON API.
  • You are allowed to call this method using 您可以使用 JSON API 认证 or 
  • Directly passes the username and password with "username" and "password" parameters respectively shown in following example.直接传递用户名和密码,分别如下例所示的“用户名”和“密码”参数。
Code Block
languagejs
<script>
    $(document).ready(function(){
		$.ajax({
            type: "POST",
            url: 'http://localhost:8080/jw/web/json/directory/user/sso?callback=callbackFunction',
            data: {
                username: 'admin',
                password: 'admin'
            },
            success: function(res) {
                console.log("username (" + res.username + ") is " + ((res.isAdmin !== undefined && res.isAdmin === "true")?"admin":"not an admin"));
            },
            dataType: "json"
        });
    });
</script>

Using Basic Http Authentication with JSON API

使用基本的Http身份验证和JSON API

  • 自V4以来,  支持Joget Workflow基本HTTP身份验证的JSON API身份验证中,您可以将凭据传递到头中。
  • 示例:  假设所需的用户名和密码分别为“user1”和“password1”,我们可以使用以下jQuery脚本将Basic Auth头设置为JSON API。
  • Since V4, Joget Workflow is supported Basic HTTP Authentication in JSON API authentication, you can passing the credentials in the header.
  • ExampleAssuming the username and password required is "user1" and "password1" respectively, we can set the Basic Auth header to the JSON API using following jQuery script.
Code Block
languagejs
<script>
    $(document).ready(function(){
		$.ajax({
            type: "POST",
            url: 'http://localhost:8080/jw/web/json/directory/user/sso',
            beforeSend: function (xhr) {
                xhr.setRequestHeader ("Authorization", "Basic dXNlcjE6cGFzc3dvcmQx");
            },
            success: function(res) {
                console.log("username (" + res.username + ") is " + ((res.isAdmin !== undefined && res.isAdmin === "true")?"admin":"not an admin"));
            },
            dataType: "json"
        });
    });
</script>

...

使用JavaScript API

  • 包含jQuery&util.js库。 

  • 使用AssignmentManager.login方法进行SSO。

  • 执行成功登录回调的操作。
  • Includes the jQuery & util.js libraries. 

  • Using the AssignmentManager.login method for SSO.

  • Perform actions in callback of successful login.
Code Block
langjavascript
<script type="text/javascript" src="http://localhost:8080/jw/js/jquery/jquery-1.9.1.min.js"></script>
<script type="text/javascript" src="http://localhost:8080/jw/js/json/util.js" ></script>

<script type="text/javascript" >
$(document).ready(function(){
    var loginCallback = {
        success : function(response){
            if(response.username != "roleAnonymous"){
                alert("login successfully");
            }else{
                alert("login fail");
            }
        }
    };
    AssignmentManager.login('http://localhost:8080/jw', 'admin', 'admin', loginCallback);
});
</script>

Login an User Programmatically

以编程方式登录用户

 

Code Block
import org.joget.apps.workflow.security.WorkflowUserDetails;
import org.joget.directory.model.service.DirectoryManager;
import org.joget.workflow.model.service.WorkflowUserManager;
import org.joget.apps.app.service.AppUtil;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.joget.directory.model.User;
import org.joget.workflow.util.WorkflowUtil;
import org.springframework.security.core.context.SecurityContextHolder;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
 
//Get service beans
DirectoryManager dm = (DirectoryManager) AppUtil.getApplicationContext().getBean("directoryManager");
WorkflowUserManager workflowUserManager = (WorkflowUserManager) AppUtil.getApplicationContext().getBean("workflowUserManager");
 
//Login as "clark"
String username = "clark"; 
User user = dm.getUserByUsername(username);

if (user != null) {
    WorkflowUserDetails userDetail = new WorkflowUserDetails(user);
 
    //Generate an authentication token without a password
    Authentication auth = new UsernamePasswordAuthenticationToken(userDetail, userDetail.getUsername(), userDetail.getAuthorities());
    
    //Login the user
    SecurityContextHolder.getContext().setAuthentication(auth);
    workflowUserManager.setCurrentThreadUser(user.getUsername());

    // generate new session to avoid session fixation vulnerability
    HttpServletRequest httpRequest = WorkflowUtil.getHttpServletRequest();
    HttpSession session = httpRequest.getSession(false);
    if (session != null) {
        SavedRequest savedRequest = (SavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY");
        session.invalidate();
        session = httpRequest.getSession(true);
        if (savedRequest != null) {
            session.setAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY", savedRequest);
        }
    }
}

 

...