So we are getting successfully authenticated in the engine of the webapp. But our remote engine still doesn’t know anything about an authenticated user. So for all other requests which the cockpit does (e.g. fetching process list), the remote engine allows everything. (Because no auth check is done if there is no currentAuthentication)
I’ve already tried to include the UserAuthenticationResource to our remote rest api. (I also fixed the CORS problems)
Problem is that there is no way to change the endpoint of the login request from cockpit …
Although I’ve already replaced admin-api endpoint in the index.html, the request goes to the internally api.
It looks like that the login module is not part of the webapp? (Found some components for this in camunda-commons-ui)
So how can I use camunda webapp + authentication against a remote engine?
sure, we can use some reverse proxy like zuul or so, but the prefered way would be to directly use the correct endpoint.
I just saw that the tasklist and admin view are using the admin-api parameter in base tag.
Both are sending all admin api requests to our defined endpoint.
hm, basically this helps, but now all requests against cockpit api (Loading plugin stuff and so on) have an error because my Services doesn’t contains those resources.
Why is the URI from cockpit-api used for this? With this hardcoded ‘…/admin/’? This is not very consistent regarding tasklist / admin app …
From what I can see UriProvider.replace method is just simple assignment, so if you create module that uses it after cockpit it should be possible to override cockpit provided value.
many thanks for you help, but we’ve created a support ticket for this.
(Because we also need a client change regarding cors, which we can not do ourselves)