There are several ways of configuring the security in Intalio (LDAP, SSO through CAS and openSSO, configuring WS-Security…).
Intalio server has to be configured with CAS for AuthN and Web-SSO.
To integrate security model (hierarchies, roles, users, permissions, etc.) in Intalio the best approach is to use any Virtual Directory as interface between your BPM app and MS Active Directory.
When developing BPM apps with Intalio, in design time, you can see synchronized security model in Intalio Designer. You can use RBAC too.
For extranet users if they will be starting the business process and People Initiating Process Activity (PIPA) if you use Intalio Console (ui-fw) to start the process, you just call the business process start event as an external web service (SOAP call) to start the process and this way your current security is unaffected for extranet users. Then once the process starts the activities (Tasks) are assigned to users on the LAN based on Role/User , you can integrate your LDAP into Intalio and these tasks can be accessed either through the Intalio Console (ui-fw) or through any other front end you would like accessing Intalio Task Management Services, Token Authentication, etc with SOAP calls. With it being accessed from an external system you can just call the token service passing in the users username and password to retrieve a token and use the token to access task lists, notifications, processes etc.
Intalio deafult security uses xml. You can configure the same with LDAP and you can implement security from database. Please follow the link http://wiki.intalio.com/Custom_Security_Provider_Sample. Instead of exposing intalio to extranet, you can initiate process from jsp project http://community.intalio.com/samples/invokeprocessfromjsp.html. Then you can host the jsp project alone in extranet.
If you like external users who initiated the task to be able to view what they have created from a status and you would like internal users to look at a summary of their tasks, as well as action upon them,
Intalio can handle this with “out of the box functionality” with no coding.
Intalio|Tempo fits into this scenario. TEMPO is a WS API based on BPEL4People specs and you could use any framework to create webapp for calling TEMPO. You have to write a fully fuctional Workflow front end to consume the web services. TEMPO uses the Intalio BPEL engine. It is just a WS API that exposes serveral functionalities (related to people interaction) of Intalio engine.
You can write a fully functional workflow app such TaskList, Request/Reject/Approval, etc. We recommend considering which technology fits to build this application: Portlet, Webapp standalone, webpart in Sharepoint etc.
The Intalio Liferay Connector provides Single Sign On capabilities between Liferay and Intalio Security Module as well as a portlet to list the current available tasks and processes.
Intalio|Portal allows end users to manage daily workloads from a single interface. The Enterprise Information Portal (EIP) enables a single integrated view of the user’s calendar, email, task list, and any other portlet provided by the IT department. Intalio|Portal is integrated with the Workflow Framework of Intalio|Server and Intalio|ECM in order to provide direct access to any workflow tasks and documents.
In the example displayed on the left, the Workflow Task Manager is embedded in the end user portal so that tasks can be easily viewed as part of an everyday routine, next to email and calendar. In this particular case, the HR Manager is being asked to approve an employee’s absence request. After clicking on the task, a separate window pops up to fulfill the request.
In the example displayed on the left, the Workflow Task Manager is embedded in the end user portal so that tasks can be easily viewed as part of an everyday routine, next to email and calendar. In this particular case, the HR Manager is being asked to approve an employee’s absence request. After clicking on the task, a separate window pops up to fulfill the request.
Intalio|Portal is based on the Liferay open source project. The Liferay|Intalio integration project was funded under the Demand Driven Development (D3) model introduced by Intalio in 2006. The idea behind D3 is to allow customers to steer Intalio’s product development roadmap in specific directions, then participate in the overall development process through syndicated funding. Development is billed at cost, and sponsors receive credits toward the licensing of Intalio|BPP Enterprise Edition equivalent to 50% of their participation in their first D3 project. The Liferay|Intalio integration D3 project was jointly funded by three sponsors.
End Users
The Task Manager component of Intalio|Server is packaged as a portlet that can be deployed in Intalio|Portal, so that tasks can be completed alongside other daily operations, such as checking email or viewing calendar items. Default portal layouts can be designed directly from the portal interface. Depending on their permissions, users can easily add and remove content and portlets, and rearrange the sections on the portal page to maximize productivity. The look and feel of the portal and associated portlets can be setup to provide customized colors, layouts, and typography. Additionally, portal designs can be managed from an extensive set of standard themes. End users also have the ability to designate certain sections where trusted participants can build their own content sections.
Out of the box, users have access to the following standard portlets:
- § Calendars
- § Polls
- § Blogs and Blog Aggregation
- § Breadcrumb Trails
- § Message Boards
- § News and RSS Feeds
- § Projects
- § Wikis
Administrators
Intalio|Portal administrators have responsibility for the entire site. They can determine the level of access end users have throughout the portal, and their ability to customize their personal environments. Administrators can also define delegated administrators, so that marketing managers or product managers, for example, can be responsible for administrating their own department’s sites. Additionally, portals can be set up for extranets, building collaboration sites for partner and supplier networks. Delegated administrators can also be assigned to the appropriate sections of extranet sites.
Functionality for sitewide administration of the portal includes:
- § Permissions
- § Creating public and private pages
- § Setting up virtual hosting
- § Upload themes
- § Creating simple workflow patterns
Developers
Developers can use Intalio|Portal to develop portlets providing access to a variety of packaged applications and back-end systems. A portlet container is a server-side software component capable of running portlets. A portal is a web application that includes a portlet container, and may offer additional services to the end-user. Intalio|Portal includes its own portlet container, and offers functionalities such as user and organization administration, creation of virtual communities, pages based on portlet layouts, graphical selection of portlets with drag-and-drop placement, page grouping into websites, several bundled ready-to-use portlets, and much more.
Intalio|Portal provides an extension environment (also known as the ext environment), which is a set of tools that allow developers to build their own portals and portlets. It can be seen as a Software Development Kit that is independent of any IDE, but integrates well with all of them thanks to its usage of ant, the most popular build tool. Another way to think about the extension environment is as a wrapper for the core source because, in most cases, it mirrors core source directories (i.e. ext-impl/ for portal-impl/, ext-web/ for portal-web/). It allows the use of Intalio|Portal as a development platform, providing help when an upgrade to a new version is needed. The environment is designed to keep custom code separate from the Intalio|Portal code, so that upgrades can be made easily.
Features
Architecture
- § J2EE Architecture
- § Service Oriented Architecture (SOA) with Web Services Support
- § LDAP Support and Integration
- § Portal as a Platform for Rapid Portal Deployment
- § Secure Enterprise Application Integration Framework
Foundation Technologies
- § Ehcache
- § Hibernate
- § ICEfaces JavaScript
- § Intalio|ESB
- § Intalio|Server
- § jQuery
- § Lucene
- § PHP
- § Ruby
- § Seam
- § Spring Framework & AOP
- § Struts & Tiles
- § Tapestry
- § Velocity
Supported Standards
- § JSR-127
- § JSR-170
- § JSR-286
- § AJAX
- § iCalendar & Microformats
- § WebDAV
- § OpenSearch
- § Burlap
- § Hessian
- § JSON
- § REST
- § RMI
- § WSRP
Supported Languages
- § Arabic
- § Catalan (Spain)
- § Chinese (Simplified)
- § Chinese (Traditional)
- § Czech
- § Dutch
- § English (US)
- § Finnish
- § French
- § German
- § Greek
- § Hungarian
- § Italian
- § Japanese
- § Korean
- § Persian
- § Portuguese
- § Russian
- § Spanish
- § Swedish
- § Turkish
- § Vietnamese
Best Regards,
Roberto Pasti
Phone number: +49 1577 8342301
Email address: pasti@intalio.com
Skype account: robertopasti
Web: www.intalio.com
Intalio delivers private cloud computing solutions deployable anywhere, on demand or on premises.
BPM
CRM
Document Management
Social Collaboration
Online Productivity
Application Development
Application Integration
Process Automation
Reporting & Analytics
Runtime Components
Amazon Deployment
On Premises Deployment
IaaS for Any Application
Secure Tenant Isolation
Business Activity Monitoring
Business Rules Engine
Direct Database Access
Enterprise Service Bus
Federated Search
Microsoft Office Integration
User Interface
File Size Limit
Custom Objects
Database Joins
Execution Limits
