Hi,
I don’t know, if this is a Camunda question or a commen Tomcat question. But I hope you can help me.
Right now we are using the Community Edition of Camunda with a MySQL database. We are running the Camunda webapps in a docker image (camunda-run) and modified the default.yml file so we can use LDAP authentication (username is our user e-mail address).
When I open the webapps, I can login and everything is fine.
Our project structure is as follows:
Intranet → Docker with Angular GUI → Docker with JAVA REST Backend → — REST CALLS → Camunda REST-API (no authentication activated here)
Now the problem:
We have an intranet web portal where every user is logged in with the e-mail address and password. This are the same credentials as required / configured for Camunda.
In our intranet will be a link to the open tasks of the current logged in user. We got the open tasks by using the REST API. When the user now opens a link to an open Task, the Angular-GUI will be loaded. The user complete his tasks and initiate a REST call to our REST API from our business logic module. This module will make a REST call to the Camunda REST API.
How can I guarantee that only the correct user, that is authenticated with our intranet (LDAP) is allowed to open and complete the task?
Is there a chance to make s login against the Camunda REST API to get a session token?
Thanks in advanced,
Rainer