As of WorkflowGen version 5.6.3, all user context-based API web methods support impersonation. This means that an authorized user can call a web method on behalf of another user.
Security
The impersonation feature is restricted to allowed users as defined in the ProcessesRuntimeWebServiceAllowedUsers entry in the \wfgen\web.config file.
Usage
There are two ways to set the ImpersonateUsername value:
-
As a querystring parameter; in this example, a list of
todoactions forjsmith:http://myserver/wfgen/ws/ProcessesRuntime.asmx/GetActivityInstanceList?query=todo&impersonateusername=jsmith -
As a SOAP header parameter; in this example, to complete an action on behalf of
jsmith:// Settings and parameters CompleteActivityInstanceHeader myCompleteActivityInstanceHeader = new CompleteActivityInstanceHeader(); myCompleteActivityInstanceHeader.ImpersonateUsername="jsmith"; // Set NetworkCredentials with the credentials of the current connected user RuntimeService myRuntimeService = new RuntimeService(); myRuntimeService.CompleteActivityInstanceHeaderValue = myCompleteActivityInstanceHeader; myRuntimeService.Credentials = CredentialCache.DefaultCredentials; // Call the Web Service API method myRuntimeService.CompleteActivityInstance(1,2,wfgContext);