401 on TaskList API with default install (basic auth)

tdsproulelendscape · March 7, 2024, 12:00am

Hi all,

Just trying to create a Java POC with self managed local Camunda 8.4.4 & camunda-tasklist-client-java:8.4.0.3 - and have self managed deployed environment using supplied docker compose - with no Identity - just basic auth. I’m using

        SimpleConfig simpleConf = new SimpleConfig();
        simpleConf.addProduct(Product.TASKLIST, new SimpleCredential("demo", "demo"));
        Authentication auth = SimpleAuthentication.builder().simpleUrl("http://localhost:8081").simpleConfig(simpleConf).build();

        CamundaTaskListClient client = CamundaTaskListClient.builder().
                taskListUrl("http://localhost:8082").shouldReturnVariables().shouldLoadTruncatedVariables().authentication(auth).build();

        TaskSearch ts = new TaskSearch().setProcessDefinitionKey("agreement_review");
        TaskList tasksFromInstance = client.getTasks(ts);

I can see that TaskList seems to be creating the default users:

2024-03-06 23:12:38.153  INFO 7 --- [           main] i.c.t.w.StartupBean                      : INIT: Create users if not exists ...
2024-03-06T23:12:38.166115972Z 2024-03-06 23:12:38.165  INFO 7 --- [           main] c.t.w.s.s.SearchEngineUserDetailsService : Create user with userId demo
2024-03-06T23:12:38.315033343Z 2024-03-06 23:12:38.314  INFO 7 --- [           main] c.t.w.s.s.SearchEngineUserDetailsService : Create user with userId view
2024-03-06T23:12:38.393446667Z 2024-03-06 23:12:38.393  INFO 7 --- [           main] c.t.w.s.s.SearchEngineUserDetailsService : Create user with userId act

I’m always getting a 401 (auth fail) on my task query:

2024-03-06T23:33:40.954Z ERROR 38076 --- [nio-9001-exec-1] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed: io.camunda.tasklist.exception.TaskListException: Error searching tasks] with root cause

io.camunda.tasklist.generated.invoker.ApiException: searchTasks call failed with: 401 - {"message":""}
	at io.camunda.tasklist.generated.api.TaskApi.getApiException(TaskApi.java:68) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.generated.api.TaskApi.searchTasksWithHttpInfo(TaskApi.java:577) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.generated.api.TaskApi.searchTasks(TaskApi.java:551) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.CamundaTaskListClient.getTasks(CamundaTaskListClient.java:443) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.CamundaTaskListClient.getTasks(CamundaTaskListClient.java:421) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.CamundaTaskListClient.getTasks(CamundaTaskListClient.java:326) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at

I’ve tried the other created users view/act - with same result. I can login to TaskList with demo/demo no problem. I don’t see anything being logged in TaskList iself.

Just trying to avoid setting up Idendity/Keycloak for my simple POC.

Suggestions?

tdsproulelendscape · March 7, 2024, 8:28am

I can get my code snipped working with SaaS credentials from the my SaaS environment. So I’m confident the API call itself it OK.

I could use some guidance on how to set up SimpleConfig.

Ta

nathan.loding · March 8, 2024, 5:35pm

Hi @tdsproulelendscape - I believe there is a known bug with the latest version of spring-zeebe and the simple authentication, and the camunda-tasklist-client-java package depends on spring-zeebe. If you update the dependency to spring-zeebe:8.4.2-rc1 it should work. Here’s a working example one of our consultants created when troubleshooting this exact issue recently: camunda-deep-dives/tasklist-client-examples at main · upgradingdave/camunda-deep-dives · GitHub

Aykut_Yuksek · March 26, 2024, 4:30pm

hi @nathan.loding, when i try to import your example project, i am getting error in my pom.xml like that i am sharing. why is this happening?

nathan.loding · March 26, 2024, 4:47pm

@Aykut_Yuksek - you can look at some related solutions (like this) or open an issue in that GitHub repository.

Nishant_Arya · April 23, 2024, 1:28pm

@tdsproulelendscape did you found a solution or workaround i am also stuck in same issue

Nishant_Arya · April 23, 2024, 1:34pm

Can you help not sure where i am wrong
→ dependency

	implementation ‘org.springframework.boot:spring-boot-starter-web:3.1.3’
	implementation ‘org.springframework.boot:spring-boot-starter:3.1.3’
	implementation ‘io.camunda.spring:spring-boot-starter-camunda:8.4.0’
	compileOnly ‘org.projectlombok:lombok:1.18.30’
	annotationProcessor ‘org.projectlombok:lombok:1.18.30’
	implementation ‘org.projectlombok:lombok:1.18.30’
	//implementation ‘org.camunda.bpm:camunda-engine-spring:7.20.0’
	implementation ‘com.h2database:h2:2.2.224’
	implementation ‘io.camunda.spring:spring-client-zeebe:8.4.1’
	implementation ‘io.camunda:zeebe-client-java:8.4.1’
	implementation ‘io.camunda.spring:java-client-operate:8.3.4’
	implementation ‘io.camunda:camunda-tasklist-client-java:8.4.0.7’

—> config
{
@Bean
public CamundaTaskListClient taskListClient() {
SimpleConfig simpleConf = new SimpleConfig();
simpleConf.addProduct(Product.TASKLIST, new SimpleCredential(“demo”, “demo”));
Authentication auth = SimpleAuthentication
.builder()
.simpleUrl(“http://localhost:8081”)
.simpleConfig(simpleConf)
.build();
try {
return CamundaTaskListClient.builder()
.taskListUrl(“http://localhost:8082”)
.authentication(auth)
.build();
} catch (TaskListException e) {
log.error(“Error initializing CamundaTaskListClient”, e);
throw new RuntimeException(e);
}
}

}

—> usage

    TaskSearch ts = new TaskSearch().setProcessInstanceKey("2251799813948324");
    TaskList tasksFromInstance = taskListClient.taskListClient().getTasks(ts);

—> Error

io.camunda.tasklist.generated.invoker.ApiException: searchTasks call failed with: 401 - {“message”:“”}

tdsproulelendscape · April 23, 2024, 1:55pm

Hi @Nishant_Arya

Sorry - can’t help with no auth. We tried the suggested solution but could not get it work.
We ended up deploying local KeyCloak with our self hosted POC - and used SimpleCredential

      SimpleCredential simpleCredential = new SimpleCredential("demo", "demo");
      SimpleConfig simpleConfig = new SimpleConfig();
      simpleConfig.addProduct(Product.TASKLIST, simpleCredential);
      auth = SimpleAuthentication.builder().simpleConfig(simpleConfig).simpleUrl(zeebeAuthURL).build();

nathan.loding · April 23, 2024, 9:02pm

@Nishant_Arya - if you look at the comments above, there’s a bug with the spring-zeebe package and the fix requires version >=8.4.2-rc1. It looks like you are using 8.4.1. The camunda-tasklist-client-java package is a community-maintained package, not an official Camunda product, so I’m not sure how up to date it is either.

We do recognize these difficulties with the APIs, and this is one reason we are building a unified REST API. It’s in active development and targeting the 8.6 release in the fall, and many of these headaches should be resolved then.

system · July 22, 2024, 9:03pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.