Embedded camunda-engine Authorization



I have Java Application with embedded Camunda Engine, to implmenet custom api, deployed on Wildfly.

I have enabled Basic Auth in web.xml, integrate wildfly with ldap.
Everything is good, auth works perfect, but I want to use camunda's authorization manager, to authorize requests.

Problem is that Context.getCommandContext() returns null.

Below is my configuration:

public class AlcyoneApplication extends Application {

    public Set<Class<?>> getClasses() {
        Set<Class<?>> classes = new HashSet<Class<?>>();


//        add every custom rest-endpoints here

        return classes;

public class AlcyoneProcessEngineProvider implements ProcessEngineProvider {

    public ProcessEngine getDefaultProcessEngine() {
        return ProcessEngines.getDefaultProcessEngine();

    public ProcessEngine getProcessEngine(String name) {
        return ProcessEngines.getProcessEngine(name);

    public Set<String> getProcessEngineNames() {
        return ProcessEngines.getProcessEngines().keySet();


I use this code to authorize request in jaxrs endpoint:

public class CustomTaskController {

    public Response getTasksCustom(@QueryParam("firstResult") Integer firstResult,
                                   @QueryParam("maxResults") Integer maxResults,
                                   TaskQueryCustomDto queryDto) {

                                             .checkAuthorization(Permissions.READ, Resources.TASK, Authorization.ANY);


        return Response.status(HttpStatus.SC_OK).entity(null).build();

And here is problem: Context.getCommandContext() == null


Hi @Lasha_Gureshidze,

Context#getCommandContext and all the rest is internal API, and in particular is not supposed to work in the way you use it. I recommend to use AuthorizationService#isUserAuthorized instead to check if a user is allowed to perform a certain action.