Securing Camunda rest api with LDAP

Cynizm · November 26, 2021, 9:54am

Hi, Im using LDAP plugin for Camunda cockpit login, however I would like to secure Camunda rest api with LDAP as well, how can I do that? I tired to create a custom authentication filter and register it, but this did not work, all requests are going through. Are there any examples?

    @Bean
    public FilterRegistrationBean<Filter> processEngineAuthenticationFilter() {
        FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>();
        registration.setName("camunda-auth");
        registration.setFilter(gemMyCustomFilter());
        registration.addUrlPatterns("/rest/*");
        registration.setOrder(1);
        return registration;
    }

Ingo_Richtsmeier · November 26, 2021, 10:52am

Hi @Cynizm,

using the camunda-bpm-spring-boot-starter, the authorization is disabled by default. You have to enable it explicitly in your application.yaml: Process Engine Configuration | docs.camunda.org.

Hope this helps, Ingo

Cynizm · November 26, 2021, 10:53am

Hi @Ingo_Richtsmeier, I have that enablesd:

    camunda:
      bpm:
        authorization:
          enabled: true

Ingo_Richtsmeier · November 26, 2021, 11:16am

Hi @Cynizm,

here is an example that has a difference to yours: code/snippets/springboot-rest-api-basic-auth at master · camunda-consulting/code · GitHub

Hope this helps, Ingo

system · January 30, 2024, 1:35pm