Adding http basic authentication to the REST apis

Hi,

I’m trying to add basic authentication to my REST apis. unfortunately the documentation is not clear in this regard. I created a folder WEB-INF inside webapp and inside it I created a file web.xml where I pasted the filters specified here Configure Authentication | docs.camunda.org

However, this doesn’t seem to work. It feels like I’m missing something somewhere. I build & deployed my process successfully without errors but I still can access the built-in REST apis without authentication

any detailed references on this subject?

Can you please provide some details on your setup? Are the Camunda REST API resources deployed via camunda-engine-rest.war (or similar name), or do you embed the resources in your application?

Cheers,
Thorben

I have solved the problem. it turns out I modified the wrong web.xml. I should modify the engine-rest web.xml file

Hello Sir,

Can you please provide all detail steps to achieve Basic authentication?
i want to call call camunda API by postman and should i ask basic auth(user name/password).
Can you please please which web.xml file, we should change and what need to add?
I am using community camunda-bpm-tomcat-7.12.0_Server and downloaded from https://camunda.com/download/

Requesting you to please provide information in detail.

Regards,
Somnath

Hi @somnath_shewale,

navigate to the folder server\apache-tomcat-9.0.24\webapps\engine-rest\WEB-INF in your unzipped directory. Open the file web.xml in an editor and remove the comments around the lines 38-57 (<filter> ... </filter-mapping>)

Restart the server and postman should answer the requests with status code 401 (unauthorized).

Hope this helps, Ingo

2 Likes

Thank you @Ingo_Richtsmeier sir.