DDevelopment & Design

Activiti – are you ready for BPMN 2.0?

  • bympr
  • March 27, 2011
  • 5 minute read
From the beginning of this year I got quite involved in project called Activiti. It’s a “light-weight workflow and Business Process Management (BPM) Platform” (according to creators. The project is led by JBPM creators – Tom Bayens and Joram Barrez and is backed by Alfresco and several other companies. I also contributed some small features :) Activiti has already made some noise in BPM world – check thisthisor this, and of course InfoQ.
So, what’s the fuss all about? What makes Activiti special? Of course – it depends what are you comparing it with. My experience involves mainly working with open source BPEL implementation, but I think some points remain valid.

So, here is my list of distinctive features:

BPMN 2.0 support I took quite a lot of time for this spec to arrive, but it’s finally here. The biggest step ahead comparing with BPMN 1.x is execution model – no more BPEL, you can use the same diagram for modelling and execution, and it has proper xsd schema! Of course, it won’t solve all round-trip headaches, but I think it’s quite important improvement. XML describing BPMN 2.0 process consists of nodes definitions and transition definitions: Activiti is one of the first BPM engines offering BPMN 2.0 support. Currently not all nodes are supported, but the list includes:
* exclusive and paralell gateways  

  • timer boundary and intermediate events (timer start event almost ready)    

  • various tasks: script, user, service, manual, rules, receive    

  • error events and handling them    

  • subprocesses (both embedded or not)     Not all of these nodes are fully defined in spec – e.g. it does not describe how service task invocation should look like. Therefore, Activiti comes with a set of custom extensions. They are meant to be as non-intrusive as possible – to make processes more portable. One of most commonly used are ones for describing service task behaviour: Another useful extension enables to associate html form and candidate user with user task: One of nice features of BPMN 2.0 is also providing xml schema for describing process diagram – aka Diagram Interchange. This enables good engines (such as Activiti ;)) to generate process diagram just on the basis of xml definition – which makes importing processes modelled in some external tool much easier. It looks like this: Maybe not too beautiful, but usable.

Goal of supporting full BPM cycle

Do you (still) believe that future tools for creating business processes will allow users to get rid of developers? I do not… Unless of course, business people will learn how to code ;) Otherwise what we’ll be left with are some nice zero-coding tools which look great on 15minutes (or event 2hours if they’re exprensive enough) but after running into real-life problems will demand extensive hacking.
Activiti pursues different goal, and proposes developing process cycle layer. Key points of this proposition are:

  • zero coding solutions won’t work
  • analysts are needed to model the process, developers are needed to create executable processes, and operations are needed to deploy and monitor them
  • each of these groups have their own set of tools which they’re familiar with
  • so let’s not reinvent the wheel but encourage them to collaborate but use their set of tools

So, how to achieve this? By creating another web application, of course ;) It’s name is Activiti Cycle and it’s meant to encourage collaboration between business, developers and operations, while allowing each of them to use their own, specific tools in their daily job. It’s more like a federated repository of BPM assets, such as Visio Diagrams, BPMN process definitions, maven process projects, deployment packages and so on. These artifacts can be linked, commented and tracked by various process stakeholders and also transformed.

Easy to embed and extend, also by quasi-REST API

One of biggest pains of BPEL based solutions is that they force you to integrate with the rest of you app using webservices. Fortunately, this is no longer the case. You can embed activiti engine in your (for example) Spring application just by importing few jars and configuring it as any other Spring component:
This is of course great for running processes that handle some Java tasks. What about user tasks? Activiti comes with decent webapps for handling human tasks and monitoring process state: Activiti Explorer – screens shows the list of tasks for a given user:  

Activiti Probe – screen shows monitoring process instance:  

But what if you want to/have to use some other frontend technology? Webapps that I mentioned before are really thin clients – all logic is hidden behind Activiti’s quasi-REST API (I use the word quasi not to be beaten by RESTafarians who will surely point out that Activiti API is just RPC over HTTP…). That means you can embed Activiti in you webapps/OSGi container/any other environment and integrate with frontend webapps using handy JSON/HTTP communication. Which looks more or less like this:

Using (defacto) standards When you create application using Activiti chances are high that you know many (if not all) building blocks & techniques:

  • development? Eclipse plugin & maven
  • connecting components together? you can choose: spring or (for JEE6 lovers) CDI
  • testing? just do your normal TDD (you do it, right? ;)) using Activiti JUnit testing utils

Eclipse plugin includes visual modeler, which enables you to draw executable BPMN 2.0 processes, and fill all needed properties:

It uses Diagram Interchange format, so process diagram layout will remain the same when displaying process diagram in other applications. Testing is also pretty easy, as Activiti comes with good JUnit support. One of small, but important features is ability to simulate the clock – very handy when dealing with long running tasks.

Good integration capabilities

Activiti comes with capabilities allowing for integration with three most popular open source integration frameworks:

  • Mule ESB – integration is written by MuleSoft
  • SpringIntegration, contributed by SpringSource
  • last but cetainly not least: Apache Camel – which is contributed by TouK ;) – it’s still work in progress, but I hope to write a blog post soon about integrating Camel & Activiti

This allows to build processes that are closer to orchestration than simple workflows, containing only (or mostly) human tasks. Each of these integration frameworks comes with a vast collection of adapters using all popular (and not so popular) communication protocols. This allows process engine to concentrate on the process, and not on the communication details.

Summary I think it’s quite impressive set of features for a product that is less than year old. And what are Activiti plans for the future? Tom Bayens recently announced that Activiti is going to support some sort of Adaptive Case Management – which is one of top buzzwords in process world. Other goals include:

  • asynchronous continuations
  • moving towards full support of BPMN 2.0
  • extending Activiti Cycle – check Bernd’s Ruecker screencast showing Activiti Cycle approach to handling collaboration between analysts, developers and admins – it’s quite impressive

As for me, I’m finishing adding support for start timer tasks and hope to post something on Activiti-Camel intergration and running Activiti in OSGi environment soon – especially Apache Servicemix – so stay tuned. If you’ve found Activiti interesting, please start with 10 minutes 

Getting started guide, and if you know Polish, you can also have a look at my slides from Warsaw JUG presentation Thanks for reading my first post on this blog – hope you liked it.

— Previous article

How to run multiple guest OS in QEMU?

Next article —

Spring Security by example: securing methods

You May Also Like
DDevelopment & Design

Phonegap / Cordova and cross domain ssl request problem on android.

In one app I have participated, there was a use case:
  • User fill up a form.
  • User submit the form.
  • System send data via https to server and show a response.
During development there wasn’t any problem, but when we were going to release production version then some unsuspected situation occurred. I prepare the production version accordingly with standard flow for Android environment:
  • ant release
  • align
  • signing
During conduct tests on that version, every time I try to submit the form, a connection error appear. In that situation, at the first you should check whitelist in cordova settings. Every URL you want to connect to, must be explicit type in: 
res/xml/cordova.xml
If whitelist looks fine, the error is most likely caused by inner implementation of Android System. The Android WebView does not allow by default self-signed SSL certs. When app is debug-signed the SSL error is ignored, but if app is release-signed connection to untrusted services is blocked.



Workaround


You have to remember that secure connection to service with self-signed certificate is risky and unrecommended. But if you know what you are doing there is some workaround of the security problem. Behavior of method 
CordovaWebViewClient.onReceivedSslError
must be changed.


Thus add new class extended CordovaWebViewClient and override ‘onReceivedSslError’. I strongly suggest to implement custom onReceiveSslError as secure as possible. I know that the problem occours when app try connect to example.domain.com and in spite of self signed certificate the domain is trusted, so only for that case the SslError is ignored. 

public class MyWebViewClient extends CordovaWebViewClient {

   private static final String TAG = MyWebViewClient.class.getName();
   private static final String AVAILABLE_SLL_CN 
                               = "example.domain.com";

   public MyWebViewClient(DroidGap ctx) {
       super(ctx);
   }

   @Override
   public void onReceivedSslError(WebView view, 
                                  SslErrorHandler handler, 
                                  android.net.http.SslError error) {

       String errorSourceCName = error.getCertificate().
                                  getIssuedTo().getCName();

       if( AVAILABLE_SLL_CN.equals(errorSourceCName) ) {
           Log.i(TAG, "Detect ssl connection error: " + 
                       error.toString() + 
                       „ so the error is ignored”);

           handler.proceed();
           return;
       }

       super.onReceivedSslError(view, handler, error);
   }
}
Next step is forcing yours app to  use custom implementation of WebViewClient. 

public class Start extends DroidGap
{
   private static final String TAG = Start.class.getName();

   @Override
   public void onCreate(Bundle savedInstanceState)
   {
       super.onCreate(savedInstanceState);
       super.setIntegerProperty("splashscreen", R.drawable.splash);
       super.init();

       MyWebViewClient myWebViewClient = new MyWebViewClient(this);
       myWebViewClient.setWebView(this.appView);

       this.appView.setWebViewClient(myWebViewClient);
       
       // yours code

   }
}
That is all ypu have to do if minSdk of yours app is greater or equals 8. In older version of Android there is no class 
android.net.http.SslError
So in class MyCordovaWebViewClient class there are errors because compliator doesn’t see SslError class. Fortunately Android is(was) open source, so it is easy to find source of the class. There is no inpediments to ‘upgrade’ app and just add the file to project. I suggest to keep original packages. Thus after all operations the source tree looks like:

Class SslError placed in source tree. 
 Now the app created in release mode can connect via https to services with self-signed SSl certificates.