javapermissionsflowable

How can flowable customize and integrate its own permission system?


My application now has its own set of permission system. It is implemented based on user groups and users as well as roles. Now I want to integrate flowable. I don't want to have two sets of permissions. I wonder if you have an integrated scheme.


Solution

  • This depends on how you are using Flowable. In case you are using the Java APIs there is typically no permission handling and your permission checks can be done before you call the API. The REST APIs are by default only checking authentication and not authorization, you can overwrite that with Spring Security.

    It is also possible to customize the identity management of Flowable Open Source by adding an implementation of the IdmIdentityService interface.

    For the enterprise offering Flowable Work the way of customizing the identity service is described in the documentation.