401 on TaskList API with default install (basic auth)

Hi all,

Just trying to create a Java POC with self managed local Camunda 8.4.4 & camunda-tasklist-client-java:8.4.0.3 - and have self managed deployed environment using supplied docker compose - with no Identity - just basic auth. I’m using

        SimpleConfig simpleConf = new SimpleConfig();
        simpleConf.addProduct(Product.TASKLIST, new SimpleCredential("demo", "demo"));
        Authentication auth = SimpleAuthentication.builder().simpleUrl("http://localhost:8081").simpleConfig(simpleConf).build();

        CamundaTaskListClient client = CamundaTaskListClient.builder().
                taskListUrl("http://localhost:8082").shouldReturnVariables().shouldLoadTruncatedVariables().authentication(auth).build();

        TaskSearch ts = new TaskSearch().setProcessDefinitionKey("agreement_review");
        TaskList tasksFromInstance = client.getTasks(ts);

I can see that TaskList seems to be creating the default users:

2024-03-06 23:12:38.153  INFO 7 --- [           main] i.c.t.w.StartupBean                      : INIT: Create users if not exists ...
2024-03-06T23:12:38.166115972Z 2024-03-06 23:12:38.165  INFO 7 --- [           main] c.t.w.s.s.SearchEngineUserDetailsService : Create user with userId demo
2024-03-06T23:12:38.315033343Z 2024-03-06 23:12:38.314  INFO 7 --- [           main] c.t.w.s.s.SearchEngineUserDetailsService : Create user with userId view
2024-03-06T23:12:38.393446667Z 2024-03-06 23:12:38.393  INFO 7 --- [           main] c.t.w.s.s.SearchEngineUserDetailsService : Create user with userId act

I’m always getting a 401 (auth fail) on my task query:

2024-03-06T23:33:40.954Z ERROR 38076 --- [nio-9001-exec-1] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed: io.camunda.tasklist.exception.TaskListException: Error searching tasks] with root cause

io.camunda.tasklist.generated.invoker.ApiException: searchTasks call failed with: 401 - {"message":""}
	at io.camunda.tasklist.generated.api.TaskApi.getApiException(TaskApi.java:68) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.generated.api.TaskApi.searchTasksWithHttpInfo(TaskApi.java:577) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.generated.api.TaskApi.searchTasks(TaskApi.java:551) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.CamundaTaskListClient.getTasks(CamundaTaskListClient.java:443) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.CamundaTaskListClient.getTasks(CamundaTaskListClient.java:421) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at io.camunda.tasklist.CamundaTaskListClient.getTasks(CamundaTaskListClient.java:326) ~[camunda-tasklist-client-java-8.4.0.3.jar:na]
	at 

I’ve tried the other created users view/act - with same result. I can login to TaskList with demo/demo no problem. I don’t see anything being logged in TaskList iself.

Just trying to avoid setting up Idendity/Keycloak for my simple POC.

Suggestions?

I can get my code snipped working with SaaS credentials from the my SaaS environment. So I’m confident the API call itself it OK.

I could use some guidance on how to set up SimpleConfig.

Ta

Hi @tdsproulelendscape - I believe there is a known bug with the latest version of spring-zeebe and the simple authentication, and the camunda-tasklist-client-java package depends on spring-zeebe. If you update the dependency to spring-zeebe:8.4.2-rc1 it should work. Here’s a working example one of our consultants created when troubleshooting this exact issue recently: camunda-deep-dives/tasklist-client-examples at main · upgradingdave/camunda-deep-dives · GitHub

hi @nathan.loding, when i try to import your example project, i am getting error in my pom.xml like that i am sharing. why is this happening?

image798×764 29.2 KB

@Aykut_Yuksek - you can look at some related solutions (like this) or open an issue in that GitHub repository.

@tdsproulelendscape did you found a solution or workaround i am also stuck in same issue

Can you help not sure where i am wrong
→ dependency

—> config
{
@Bean
public CamundaTaskListClient taskListClient() {
SimpleConfig simpleConf = new SimpleConfig();
simpleConf.addProduct(Product.TASKLIST, new SimpleCredential(“demo”, “demo”));
Authentication auth = SimpleAuthentication
.builder()
.simpleUrl(“http://localhost:8081”)
.simpleConfig(simpleConf)
.build();
try {
return CamundaTaskListClient.builder()
.taskListUrl(“http://localhost:8082”)
.authentication(auth)
.build();
} catch (TaskListException e) {
log.error(“Error initializing CamundaTaskListClient”, e);
throw new RuntimeException(e);
}
}

}

—> usage

    TaskSearch ts = new TaskSearch().setProcessInstanceKey("2251799813948324");
    TaskList tasksFromInstance = taskListClient.taskListClient().getTasks(ts);

—> Error

io.camunda.tasklist.generated.invoker.ApiException: searchTasks call failed with: 401 - {“message”:“”}

Hi @Nishant_Arya

Sorry - can’t help with no auth. We tried the suggested solution but could not get it work.
We ended up deploying local KeyCloak with our self hosted POC - and used SimpleCredential

      SimpleCredential simpleCredential = new SimpleCredential("demo", "demo");
      SimpleConfig simpleConfig = new SimpleConfig();
      simpleConfig.addProduct(Product.TASKLIST, simpleCredential);
      auth = SimpleAuthentication.builder().simpleConfig(simpleConfig).simpleUrl(zeebeAuthURL).build();

@Nishant_Arya - if you look at the comments above, there’s a bug with the spring-zeebe package and the fix requires version >=8.4.2-rc1. It looks like you are using 8.4.1. The camunda-tasklist-client-java package is a community-maintained package, not an official Camunda product, so I’m not sure how up to date it is either.

We do recognize these difficulties with the APIs, and this is one reason we are building a unified REST API. It’s in active development and targeting the 8.6 release in the fall, and many of these headaches should be resolved then.