Setting up the Security Handler
Every API call which the client application makes to a BPM service must include an appropriate security information in the header of the SOAP request envelop. In order to enforce the security constraints, a security handler must be created and registered for every user who logs in to the BPM runtime.
Note that the security handler must be set before creating an instance of the Java Service Connector.
To include the header information in the SOAP request, the client application must implement the SecurityHandler interface to set the default security handler for the logged in user.
// Create a security handler for the logged in user. SecurityHandler securityHandler = new DefaultSecurityHandler(getUserName(req), getPassword(req)); |
Note: If you want to implement SSO using a SAML 2.0 token, your client application must use the
SamlSenderVouchesSecurityHandler instead of the
DefaultSecurityHandler. For information about this method, see " Using the Service Connector SamlSenderVouchesSecurityHandler Method" in the
TIBCO ActiveMatrix BPM Single Sign-On guide.
Copyright © Cloud Software Group, Inc. All rights reserved.