1. Developing SOA Applications with Oracle SOA Suite
  2. Using the Human Workflow Service Component
  3. Understanding Human Workflow Services
  4. Introduction to Human Workflow Services
  5. Security Model for Services
  6. Creating Human Workflow Context on Behalf of a User

Creating Human Workflow Context on Behalf of a User

The authenticateOnBehalfOf API method on the task query service can create the human workflow context on behalf of a user by passing the user ID and password of an admin user in the request. An admin user is a user with the workflow.admin privilege. This created context is as if it was created using the password on behalf of the user.

This is useful for environments in which a back-end system acts on workflow tasks while users act in their own system. There is no direct interaction with workflow services; the system can use the on-behalf-of-user login to get a context for the user.

Note:

Oracle recommends that you only use this feature for system operations. This is because you must create an admin user context and then query for the human workflow context created on behalf of the user. If you instead use identity propagation, the user is already authenticated and the client can get IWorkflowContext for the already authenticated user. For more information, see Obtaining the Workflow Context for a User Previously Authenticated by a JAAS Application.

In the code sample below, the human workflow context is created for user jcooper. 

String adminUser = "...."
String adminPassword = "...."
String realm = "...."

IWorkflowContext adminCtx =
taskQueryService.authenticate(user,password.toCharArray(),realm);

IWorkflowContext behalfOfCtx =
 taskQueryService.authenticateOnBehalfOf(adminCtx,"jcooper");