Book Image

Mastering jBPM6

By : Simone Fiorini, Arun V Gopalakrishnan
Book Image

Mastering jBPM6

By: Simone Fiorini, Arun V Gopalakrishnan

Overview of this book

Table of Contents (18 chapters)
Mastering jBPM6
About the Authors
About the Reviewers


Security or application security in this context refers to protecting the services and data provided by jBPM from unauthorized access (authentication) and at the same time ensuring that the users can access the set of services and data authorized for them (authorization).

Another important perspective that we have to consider in a BPM system is providing non-repudiation for all the user interactions. jBPM supports this by providing an audit logging facility for all runtime data changes.


Non-repudiation assures that a user cannot deny performing an action or operation in the system.

Securing the access of application assets

jBPM, usually deployed in an application server, uses a JEE-compatible standard, that is, Java Authentication and Authorization Service (JAAS), for providing application security. The application server provides this service and a mechanism to register the users.

The default asset repository used to keep the application assets is the Git repository. Further, a...