When I disable the authorization by setting in Spring application.yml:
The Cockpit webapp shows the login dialog. Why?
We are running Camunda embedded and the Cockpit works well when authorization is enabled and with a ServletFilter we add a user to the identity service and perform a login through the UserAuthenticationResource. However, that was a temporarily hack as we didn’t got it to work with the authorization disabled.
Now we like to solve it properly and authorization should be disabled, and the hack filter removed, as we don’t use it as we have our own authentication/authorization handled through Spring Security, and enabling the authorization is a unnecessary performance burden (according to the Camunda doc’s)
The Backend calls that the cockpit performs to the backend are:
- https://domain.com/app/cockpit/ --> will forward to use the process engine in the url:
… (include assets like js files)
- https://domain.com/api/engine/engine/ (to retrieve the process engine name (strange as was already in the url)
https://domain.com/api/admin/auth/user/ -->>>> HTTP 404 —> shows login dialog
The 404 is because the UserAuthenticationResource of Camunda doesn’t find any valid authentication object, which is correct as authorization is disabled
Please some help on how to solve this?