SSO in camunda


#1

Hi All,

I am trying to integrate camunda with Keycloak for SSO.

I wrote a filter class which will take the same username from keycloak username and login with the same user name in camunda.I was able to achieve Single Sign On. But when I logout from Camunda , Single Sign out is also not happening and when I open a different browser it gets logged in again with the previous username.

Could you tell me how to override the logout mechanism or how to achieve Single Sign Off then it will be very helpful.


#2

Hi svsd,

Could you please help me with the Keycloak integration with Camunda? I have been trying but not successful. I would like to know how you have achieved the SSO using Keycloak.
Please help me by providing some information or some reference links.

Thank you,
Vinay.


#3

Check out this project: https://github.com/PhilippHeuer/camunda-sso


#4

Hi Philipp, Thank you so much for the reference. I have checked it and noticed that you have mentioned about a docker image of the keycloak. Could you please provide me with the docker image of keycloak with sso configuration setup? The reason I am asking for this image is, I am confused on how to create the roles in Keycloak. Should I create them as realm roles or client roles ? Please help.
Thank you!


#5

I opened a pull request to get those changes and a few others merged back into the camunda main repo: https://github.com/camunda/docker-camunda-bpm-platform/pull/83
It also contains a list of all changes i already made / am still planning to make.

This is my repo and the image i use right now: https://github.com/PhilippHeuer/docker-camunda-bpm-platform
I also publish it into a gitlab registry right now, which i use myself: https://gitlab.com/PhilippHeuer/docker-camunda-bpm-platform/container_registry


#6

@VinayMatam As for configuration - as for any app you connect in sso you should create a client (ex. app-camunda) and create the roles (camunda-admin, camunda-tasklist, camunda-api, camunda-cockpit) as roles under app-camunda. (not as realm roles)