Book Image

Mastering jBPM 5

By : Simone Fiorini, Arun V Gopalakrishnan
Book Image

Mastering jBPM 5

By: Simone Fiorini, Arun V Gopalakrishnan

Overview of this book

If you are a designer or developer who wants to build and operate business process-centric applications, then this book is for you. Knowledge of the basic concepts of application development in Java will be helpful in following the concepts covered in the book, but is not necessary.
Table of Contents (13 chapters)
12
Index

Security


Security or application security in this context refers to protecting the services and data provided by jBPM from unauthorized access (authentication) and at the same time ensuring that the users can access the set of services and data authorized for them (authorization).

Another important perspective that we have to consider in a BPM system is providing non-repudiation for all the user interactions. jBPM supports this by providing an audit logging facility for all runtime data changes.

Note

Non-repudiation assures that a user cannot deny performing an action or operation in the system.

Securing the access of application assets

jBPM, usually deployed in an application server, uses a JEE-compatible standard, that is, Java Authentication and Authorization Service (JAAS), for providing application security. The application server provides this service and a mechanism to register the users.

The default asset repository used to keep the application assets is the Git repository. Further, a...