4 Replies Latest reply on Dec 11, 2012 3:34 PM by DavidGaskell

    Obtain Username from ADF Security with BPM Task Page


      I have a requirement to obtain the currently logged on user within a BPM task page.

      I log onto either the BPM workspace or our own custom workspace that leverages the BPM Tasklist Taskflow. When navigating from a task in the tasklist, I have attempted to use an ADF EL expression to obtain the current user #{securityContext.userName}. However this seems to return anonymous. I have created a very simple test case and process to prove this, just displaying the user on the screen. However it shows as anonymous. I have done nothing special with either the task page or my workspace application to configure security aspects. Other than the standard ADF security of the custom workspace loggin.

      Does anyone know if this is achievable? (My ADF skills are limited)

      Interestingly, this seems to work fine on some of our sever installs but not on others, including my Local Windows install. Therefore it is concidence it works on the servers (Linux).

      Many Thanks for any guidance you can provide

      FYI, The Task actions, task comments etc all record the logged in user correctly. I also reviewed comments in https://blogs.oracle.com/bpmbestpractice/entry/bpm_adf_task_forms_checking

      Regards Dave

      Edited by: DavidGaskell on Dec 1, 2012 12:41 AM
        • 1. Re: Obtain Username from ADF Security with BPM Task Page
          If you have not implemented single sign on, then you will have to add a login page to view your custom taskflow inside BPM worklist app. The reason you are getting user as anonymous is that the identity is not transferred to the inner custom taskflow. For this you will have to protect the custom taskflow with ADF security so that it will ask you for another login page when you click on an workitem in the bpm worklist. After this login, the taskflow will understand the identity of the user logged in and +#{securityContext.userName}+ will return the correct username.
          • 2. Re: Obtain Username from ADF Security with BPM Task Page
            Hi thanks,

            I'm a little confused so apologies.

            The steps we have followed to date as as follows:

            1) Written our own login page which inplements ADF security to authenticate the user
            2) Integrated the BPM task list task flow into our application as per Oracle docs.
            3) Written a separate application for the task page.
            4) run the application so u log into application, go to task list page, click in a bpm task in task list which launches the custom bpm task page. At this point the security context is anonymous evn though the login page shows the user logged in.

            Therefore are you suggesting I need to add some additional steps to pass the context into the custom page. FYI we have no single sign on implemented.

            I presume the BPM context must be set based on the logged on user as all task actions are performed as the user details are recorded.

            In a simpler scenario I get the same outcome whe using the out the box bpm workspace.

            Rgards Dave
            • 3. Re: Obtain Username from ADF Security with BPM Task Page
              You should have additional authentication setup to access your bpm page. When you click on a task in bpm worklist application, it should ask for login credentials to view the bpm task page since you have not implemented single sign on. Then only you will be able to get logged in user in the security context.
              • 4. Re: Obtain Username from ADF Security with BPM Task Page

                Thanks for your posts. We added the security to the pages and as expected, the users needed to logon to get the ADF security context. However as this is not the expected behavious and wasn't consistent with our other environments we dug deeper.

                The bigger issue of the ADF security not being passed from our workspace application was still present. We found it was related to the use of physical host names not matching between requests (URL useing once host name and the server host name being different). Hence the task page was also opened in a new session. Hence once the host names where corrected we did not need the security page logins and teh ADF security was passed as expected.