Web Services API: User Impersonation with ImpersonateUsername parameter


#1

As of WorkflowGen version 5.6.3, all user context-based API web methods support impersonation. This means that an authorized user can call a web method on behalf of another user.

Security

The impersonation feature is restricted to allowed users as defined in the ProcessesRuntimeWebServiceAllowedUsers entry in the \wfgen\web.config file.

Usage

There are two ways to set the ImpersonateUsername value:

  • As a querystring parameter; in this example, a list of "todo" actions for jsmith:
    http://myserver/wfgen/ws/ProcessesRuntime.asmx/GetActivityInstanceList?query=todo&impersonateusername=jsmith
    
  • As a SOAP header parameter; in this example, to complete an action on behalf of jsmith:
    // Settings and parameters
    CompleteActivityInstanceHeader myCompleteActivityInstanceHeader = new CompleteActivityInstanceHeader();
    
    myCompleteActivityInstanceHeader.ImpersonateUsername="jsmith";
      
    // Set NetworkCredentials with the credentials of the current connected user
    RuntimeService myRuntimeService = new RuntimeService();
    myRuntimeService.CompleteActivityInstanceHeaderValue = myCompleteActivityInstanceHeader;
    myRuntimeService.Credentials = CredentialCache.DefaultCredentials;
                
    // Call the Web Service API method
    myRuntimeService.CompleteActivityInstance(1,2,wfgContext);
    

Web Services API
How to use Kendo UI Core to create a list of WorkflowGen actions to do