Hi Eddie,
I am not entirely sure about your use case, this is what I understand, you want to use a BAW uploaded web file to be accessed in an email as embedded content, that is the email sent will only have a link to the resource and not the actual file.
I can think of 2 different approaches which may work for you, assuming my understanding of your use case is correct (Both approaches are tested for different use case, but may fit your needs):
- Try sending the resource as an attachment and then using the attachment to show in the email body. I have used something like this in one of my project, where we take a screenshot, upload it to BPM document store, use tw.system.findDocumentByID(ID).writeDataToFile(server temp location) to save it in temp directory, then use the OOTB email service to send this file as an attachment or as an embedded file. We can send multiple attachments also and as embedded images as needed. And then delete the file from temp directory [In our case we also delete from document store as we do not need it, but in your case you do not need to] - This has been tested in Outlook client with Microsoft exchange and in Gmail as recipient email ID account.
- The other way is to use TAI for this, in which case you can check the incoming request and see if the requested URI is of a Web file, in isTargetInterceptor method and if it, then invoke the negotiateValidateandEstablishTrust method to check if the file requested is indeed the one that you want to be available w/o authentication (This can be hard coded or can be stored in a Name Space binding under "Environment" -> "Naming" -> "name Space binding" in WAS Console). If it is then you can login the user with a new TAI specific ID (you can create a new one) to log the user in with that specific ID. You should also implement a logout logic in the same code to make sure if the request is coming for any other ID and the user is logged in with this specific ID, then logout the user.
#2 may sound like an overkill for the purpose of sending an email, which it is. But technically it should work. Our use case was specific to logging user in automatically from outside of BPM under specific conditions (REST APIs JWT validations, External Portal using BPM Workflow
and UI) and also log them out when those conditions are not met, if the user is still logged in and do nothing otherwise.
Some of the design decisions would also depend upon whether the user you are sending the email to is Internal / External to organization and / or is supposed to have access to your BAW environment or not. But in any case the above 2 approaches should work.
------------------------------
Shivam Verma
BPM Consultant
IBM BPM Architect
UI Developer / UX Designer
------------------------------
Original Message:
Sent: Tue October 19, 2021 05:41 AM
From: Eddie J
Subject: How to access BAW resouces externally without authorization
Hi guys,
Is there a way to access web file out of BAW workflow without authorization? I try to access the image which is uploaded as a web file in BAW. But it always asks authorization in case try to access the web file directly. Plz help to advise , tks!
------------------------------
Eddie J
------------------------------