Alfresco工作流:计时器事件的Activiti bpmn脚本中没有有效的SecureContext
我有一个工作流,它有一个嵌入式脚本,可以对权限进行一些修改,在工作流完成时运行。对于任务,我将runas属性设置为“admin”,如果整个操作是由用户操作触发的(由受让人完成或由发起人取消),那么在大多数情况下,这是有效的。但是当它被boundaryEvent计时器触发时,我得到以下错误 2017-02-28 10:44:04645错误[impl.jobexecutor.ExecuteJobsRunable] 作业执行期间[pool-17-thread-1]异常:发现012814135 1 完整性冲突:未在中提供有效的SecureContext 请求上下文 请注意,每次运行的代码完全相同 这是定义的第一个生成异常的executionListener。以下是我的流程定义:Alfresco工作流:计时器事件的Activiti bpmn脚本中没有有效的SecureContext,alfresco,activiti,bpmn,Alfresco,Activiti,Bpmn,我有一个工作流,它有一个嵌入式脚本,可以对权限进行一些修改,在工作流完成时运行。对于任务,我将runas属性设置为“admin”,如果整个操作是由用户操作触发的(由受让人完成或由发起人取消),那么在大多数情况下,这是有效的。但是当它被boundaryEvent计时器触发时,我得到以下错误 2017-02-28 10:44:04645错误[impl.jobexecutor.ExecuteJobsRunable] 作业执行期间[pool-17-thread-1]异常:发现012814135 1 完整
<process id="GrantPermi" name="Grant Permissions" isExecutable="true">
<extensionElements>
<activiti:executionListener event="end" class="org.alfresco.repo.workflow.activiti.listener.ScriptExecutionListener">
<activiti:field name="runAs">
<activiti:string><![CDATA[admin]]></activiti:string>
</activiti:field>
<activiti:field name="script">
<activiti:string><![CDATA[
logger.log("process extensionElements end : " + person.properties.userName);
if( execution.getVariable('processextensionElementsend') != true )
{
var groupName = execution.getVariable('GroupName');
for (var i in bpm_package.children)
{
bpm_package.children[i].removePermission("SiteConsumer", "GROUP_" + groupName );
}
groups.getGroup(groupName).deleteGroup();
}
execution.setVariable('processextensionElementsend',true);
]]></activiti:string>
</activiti:field>
</activiti:executionListener>
</extensionElements>
<startEvent id="alfrescoStartevent1" name="Alfresco start" activiti:formKey="DACGPWF:submitGrantPermiTask"></startEvent>
<scriptTask id="scripttask1" name="Script Task" scriptFormat="js" activiti:autoStoreVariables="false">
<script><![CDATA[
if(DACGPWF_expires == null)
{
var dat = new Date();
dat.setDate(dat.getDate() + 7);
execution.setVariable('DACGPWF_expires', dat.toISOString());
}
]]></script>
</scriptTask>
<userTask id="alfrescoUsertask1" name="Temporary Permissions" activiti:assignee="${bpm_assignee.properties.userName}" activiti:formKey="DACGPWF:assigneeTask">
<extensionElements>
<activiti:taskListener event="create" class="org.alfresco.repo.workflow.activiti.tasklistener.ScriptTaskListener">
<activiti:field name="runAs">
<activiti:string><![CDATA[admin]]></activiti:string>
</activiti:field>
<activiti:field name="script">
<activiti:string><![CDATA[logger.log("alfrescoUsertask1 create : " + person.properties.userName + " Expires " + DACGPWF_expires );
var groupName = "GrantPermi" + new Date().getTime();
var group = people.createGroup(groupName);
var user = people.getPerson(bpm_assignee.properties.userName);
people.addAuthority(group, user);
for (var i in bpm_package.children)
{
bpm_package.children[i].setPermission("SiteConsumer", "GROUP_" + groupName);
}
execution.setVariable('GroupName',groupName);]]></activiti:string>
</activiti:field>
</activiti:taskListener>
</extensionElements>
</userTask>
<boundaryEvent id="boundarytimer1" name="Timer" attachedToRef="alfrescoUsertask1" cancelActivity="true">
<timerEventDefinition>
<timeDate>${DACGPWF_expires}</timeDate>
</timerEventDefinition>
</boundaryEvent>
<endEvent id="endevent1" name="End"></endEvent>
<sequenceFlow id="flow2" sourceRef="alfrescoUsertask1" targetRef="endevent1"></sequenceFlow>
<sequenceFlow id="flow3" sourceRef="boundarytimer1" targetRef="endevent1"></sequenceFlow>
<sequenceFlow id="flow4" sourceRef="scripttask1" targetRef="alfrescoUsertask1"></sequenceFlow>
<sequenceFlow id="flow5" sourceRef="alfrescoStartevent1" targetRef="scripttask1"></sequenceFlow>
</process>
${DACGPWF_过期}
这里是我调用的Java类,而不是脚本,但我得到了相同的行为:当用户调用它时工作,当计时器调用它时失败
public class RemoveGroup implements ExecutionListener{
private static final long serialVersionUID = 1L;
@Override
public void notify(DelegateExecution execution) throws Exception
{
final ServiceRegistry serviceRegistry = getServiceRegistry();
if(execution.getVariable("processextensionElementsend") == null)
{
String shortName = execution.getVariable("GroupName").toString();
final String fullName = serviceRegistry.getAuthorityService().getName(AuthorityType.GROUP, shortName);
//AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME);
AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
serviceRegistry.getAuthorityService().deleteAuthority(fullName);
/*
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Void>()
{
public Void doWork() throws Exception
{
serviceRegistry.getAuthorityService().deleteAuthority(fullName);
return null;
}
}, AuthenticationUtil.getSystemUserName());
*/
}
execution.setVariable("processextensionElementsend", true);
}
protected ServiceRegistry getServiceRegistry()
{
ProcessEngineConfigurationImpl config = Context.getProcessEngineConfiguration();
if(config != null)
{
// Fetch the registry that is injected in the activiti spring-configuration
ServiceRegistry registry = (ServiceRegistry)config.getBeans().get(ActivitiConstants.SERVICE_REGISTRY_BEAN_KEY);
if(registry == null)
{
throw new RuntimeException("Service-registry not present in ProcessEngineConfiguration beans, expected ServiceRegistry with key" + ActivitiConstants.SERVICE_REGISTRY_BEAN_KEY);
}
return registry;
}
throw new IllegalStateException("No ProcessEngineCOnfiguration found in active context");
}
公共类RemoveGroup实现ExecutionListener{
私有静态最终长serialVersionUID=1L;
@凌驾
public void notify(DelegateExecution)引发异常
{
最终ServiceRegistry ServiceRegistry=getServiceRegistry();
if(execution.getVariable(“processextensionElementsend”)==null)
{
String shortName=execution.getVariable(“GroupName”).toString();
最后一个字符串fullName=serviceRegistry.getAuthorityService().getName(AuthorityType.GROUP,shortName);
//AuthenticationUtil.SetFullyAuthenticationDuser(AuthenticationUtil.SYSTEM\u用户名);
AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
serviceRegistry.getAuthorityService().deleteAuthority(全名);
/*
AuthenticationUtil.runAs(新的AuthenticationUtil.RunAsWork()
{
public Void doWork()引发异常
{
serviceRegistry.getAuthorityService().deleteAuthority(全名);
返回null;
}
},AuthenticationUtil.getSystemUserName());
*/
}
setVariable(“processextensionElementsend”,true);
}
受保护的ServiceRegistry getServiceRegistry()
{
ProcessEngineConfigurationImpl config=Context.getProcessEngineConfiguration();
如果(配置!=null)
{
//获取在activiti spring配置中注入的注册表
ServiceRegistry注册表=(ServiceRegistry)config.getBeans().get(ActivityConstants.SERVICE\u注册表\u BEAN\u键);
if(注册表==null)
{
抛出新的RuntimeException(“ProcessEngineConfigurationbean中不存在服务注册表,预期ServiceRegistry的键为”+ActivityConstants.Service\u registry\u BEAN\u key);
}
申报登记处;
}
抛出新的非法状态异常(“在活动上下文中找不到ProcessEngineCOnfiguration”);
}
}我们有时也会遇到同样的问题,我们将自定义脚本移到Java委托中。最好使用java委托来执行一些复杂的逻辑,并且还应该能够在java delegates中
runAs
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Void>()
{
public Void doWork() throws Exception
{
......
........
return null;
}
}, AuthenticationUtil.getSystemUserName());
AuthenticationUtil.runAs(新的AuthenticationUtil.RunAsWork()
{
public Void doWork()引发异常
{
......
........
返回null;
}
},AuthenticationUtil.getSystemUserName());
请参阅下面的链接。
你能试试下面提到的稍微不同的方法吗
AuthenticationUtil.runAsSystem(new RunAsWork<Void>() {
@Override
public Void doWork() throws Exception
{
....
...
return null;
}
});
AuthenticationUtil.runAsSystem(新的RunAsWork(){
@凌驾
public Void doWork()引发异常
{
....
...
返回null;
}
});
不,这似乎也不起作用。我只是试着得到同样的行为模式。用户启动的操作工作正常,但来自计时器的操作失败,并出现有效的SecureContext错误。我尝试了使用AuthenticationUtil.runAs
和AuthenticationUtil.setfullyaauthenticateduser(AuthenticationUtil.SYSTEM\u用户名)代码>您是否可以共享代码以进行检查。。我已经在java委托中的很多地方使用了AuthenticationUtil,所有这些都工作得很好。我也使用过身份验证直到足够多,它从来没有给我这样的麻烦。你能试一下吗AuthenticationUtil.runAsSystem…
我更新了答案。让我尝试在本地实例上重现这个问题,并尝试帮助您。