New Workflow Rest API

With the next minor release 4.3. of Imixs-Workflow, which will be released shortly, the Open Source Workflow Engine supports a new Rest API. The new API is easier to apply. The result data output is mashed and  now always the same structure. This makes client implementations cleaner and easier to implement. At the same time, all functions of the human-centric workflow engine can be used via one common Rest API.

The old API is also still supported by the Imixs-Workflow engine. The old API can be used with the version prafix /v40/ in the request path.

Learn more about human-centric workflow here.

Imixs-BPMN – Data Objects

With the latest version 4.2.5, the Imixs-Workflow Engine, is now supporting BPMN Data Objects. This kind of model element can be used to model more complex wokflows processing input data:

With this new feature any kind of data object – e.g. a XML or HTML templates – can be associated with a BPMN Task. As a result, the task element will provide these data objects in the new item ‘dataObject’. This item can be injected into a running process instance. See the following code example which is injecting a ‘Invoice HTML template’ into a workitem:

...
ItemCollection task = model.getTask(1000);
List<List<String>> dataObjects = task.getItemValue("dataObjects");
if (dataObjects.size()>0) {
    List<String> firstDataObject = (List<String>) dataObjects.get(0);
    String templateName = firstDataObject.get(0);
    String content = firstDataObject.get(1);
    logger.info("DataObject name=" + templateName);
    logger.info("DataObject content=" + content);
  }
  if ("Invoice Template".equals(templateName) {
    // inject data...
    workitem.repalceItemValue("htmldocument",content);
  }
}
....

DataObjects are part of Imixs-Office-Workflow Version 3.2  to provide an easy and flexible way to create documents and templates during a business process.

Imixs-Cloud – a Lightweight Docker Swarm Environment

The Imixs-Project started the new subproject Imixs-Cloud.

Imixs-Cloud is a conceptual infrastructure project, describing a way to create a server environment for business applications. One of the main objectives of this project is to focus on simplicity and transparency. The general idea is to setup a lightweight docker based infrastructure with docker swarm. Within this infrastructure business applications like Imixs-Office-Workflow can be deployed in a fast and easy way.
Imixs-Cloud is developed as part of the Open Source project Imixs-Workflow and continuous under development. To contribute to this project please report any issues here. All source are available on Github.

JSON Web Token and JASPIC

The Imixs Project started a new JSON Web Token project called Imixs-JWT.

Imixs-JWT is a compact easy to use library to generate and verify JSON Web Tokens. The library is based on maven and can be add with the following dependency available from Maven Central:

<dependency>
 <groupId>org.imixs.jwt</groupId>
 <artifactId>imixs-jwt</artifactId>
 <version>1.0.0</version>
</dependency>

The following example shows how to build a JWT in Java:

import org.imixs.jwt.*;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.SecretKey;

...
// We need a signing key...
SecretKey secretKey = HMAC.createKey("HmacSHA256", "secret".getBytes());
String payload="{\"sub\":\"1234567890\",\"name\":\"John Doe\",\"admin\":true}";
JWTBuilder builder = new JWTBuilder().setKey(secretKey).setJSONPayload(payload);
System.out.println("JWT=" + builder.getToken());

// will result in:
// eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.
// eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.
// TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ

JASPIC Auth Module for JWT

The project also provides a JASPIC authentication module. JASPIC is an authentication standard and can be used in Java EE application servers. The module was tested with Wildfly 10 and can be used also with different application servers.

How to use Environment Variables in WildFly Docker Containers

When setting up a Wildfly server, it is possible to use environment variables in the standalone.xml file by using the Bean Shell expression.

See the following example which sets up the database, user and password in a database configuration in the standalone.xml file by accessing environment variables:

<datasource jta="true" jndi-name="java:/jdbc/my_datasource" pool-name="my_pool" enabled="true" use-ccm="true">
    <connection-url>${env.POSTGRES_CONNECTION}</connection-url>
    <driver-class>org.postgresql.Driver</driver-class>
    <driver>postgresql</driver>
    <security>
      <user-name>${env.POSTGRES_USER}</user-name>
      <password>${env.POSTGRES_PASSWORD}</password>
    </security>
</datasource>

With the Bean Shell expression it is not necessary to turning parameters into System Properties: just use the expression:

${env.SYSTEM_ENVIRONMENT_VAR}

Especially when running wildfly in a docker container, this can be very helpful, because you can pass through environment variables to the container:

docker run --name="wildfly" -d -p 8080:8080 -p 9990:9990 \
    -e WILDFLY_PASS="admin_password" \
    -e POSTGRES_USER="my-postgres-user" \
    -e POSTGRES_PASSWORD="mypassword" \
    -e POSTGRES_CONNECTION="jdbc:postgresql://postgres/mydb" \
    imixs/wildfly

Also in combination with docker-compose environment variables can be set in the docker-compose.yml file. See the next example of a docker-compose.yml file, which sets up a postgres service and a wildfly service with a connection pool configuration as defined before in the standalone.xml:

postgres:
 image: postgres:9.6.1
 environment:
 POSTGRES_PASSWORD: mypassword
 POSTGRES_DB: mydb

mywildflyservice:
 image: imixs/mywildfly
 environment:
 POSTGRES_USER: "my-postgres-user"
 POSTGRES_PASSWORD: "mypassword"
 POSTGRES_CONNECTION: "jdbc:postgresql://postgres/mydb"
 ports:
 - "8080:8080"
 - "9990:9990"
 - "8787:8787"
 links: 
 - postgres:postgres

This is an example, which we use in combination with the wildfly docker container provided by the Imixs-Workflow project.

Don’t model Business Behavior in Objects!

During the past years I saw many projects where nearly any kind of business requirements was modeled into the technical object model, independent of the reason of the requirement. In many cases, modelling business requirements into a technical object model is quite ok and I agree with it in general. But also modelling business requirements into the affected business objects can lead into a ugly and complicated data structure. Let’s look into a short example to illustrate my thoughts: Continue reading “Don’t model Business Behavior in Objects!”

How to Integrate Imixs-Workflow with Single Sign On

Imixs-Workflow can now be easily combined with the Open Source Identity and Access Management solution Keycloak. Keycloak is an Open Source Identity and Access Management Server which can be used together with Wildfly to authenticate users with a modern authentication mechanism based on OpenID Connect SAML and OAuth. This is a short tutorial how to setup the Single Sign On Server Keycloak and configure the Imixs-Workflow to authenticate users. Continue reading “How to Integrate Imixs-Workflow with Single Sign On”