marc
September 19, 2017, 11:09am
1
Hi,
I’m trying to configure Http Basic Authentication in the process engine, deployed on jboss EAP 7; we configured filters following this:
https://docs.camunda.org/manual/7.7/reference/rest/overview/authentication/
The problem occurs with CORS OPTION requests: the extractAuthenticatedUser method in the HttpBasicAuthenticationProvider class always returns unsuccessful because OPTION requests does not contain authentication headers.
Any suggestion about this problem?
Thanks,
Marco
dar88rm
September 26, 2017, 7:06am
2
Hi Marc,
a workaround could be check if the request is an Option and then allow it.
if("OPTIONS".equalsIgnoreCase(request.getMethod())) {
return AuthenticationResult.successful("admin");
}
Hope this is useful.
BR,
Dario
marc
September 26, 2017, 8:10am
3
Hi Dario,
I tried your workaround and it works but you are using the username “admin” to authenticate. Could it be a security issue?
And if I use the LDAP Identity Service (https://docs.camunda.org/manual/7.7/user-guide/process-engine/identity-service/ ), what username can I use?
Thanks,
Marco
Hi @marc were you able to find another solutions than the workaround proposed by dar88rm ?