Bad Credential

Karthick · April 11, 2020, 12:00pm

Hi. Am generated and unzipped the spring project with camunda from start.camunda.com and started the server through intellij. Server is started at 8080. But no credentials are accepted tried demo/demo which I have given while generating my project from start.camunda.com. my localhost:8080 displaying some different log in page. Can anyone please help me.

My server start log from Intellij

 ____                                 _         ____  ____  __  __
/ ___| __ _ _ __ ___  _   _ _ __   __| | __ _  | __ )|  _ \|  \/  |
| |   / _` | '_ ` _ \| | | | '_ \ / _` |/ _` | |  _ \| |_) | |\/| |
| |__| (_| | | | | | | |_| | | | | (_| | (_| | | |_) |  __/| |  | |
\____/\__,_|_| |_| |_|\__,_|_| |_|\__,_|\__,_| |____/|_|   |_|  |_|

  Spring-Boot:  (v2.2.5.RELEASE)
  Camunda BPM: (v7.12.0)
  Camunda BPM Spring Boot Starter: (v3.4.2)

2020-04-11 16:35:49.961  INFO 20982 --- [           main] com.example.workflow.Application         : Starting Application on ablp3 with PID 20982 (started by karthick in /home/karthick/Tools/Spring Camunda/CARTS-demo)
2020-04-11 16:35:49.966  INFO 20982 --- [           main] com.example.workflow.Application         : No active profile set, falling back to default profiles: default
2020-04-11 16:35:52.275  INFO 20982 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8080 (http)
2020-04-11 16:35:52.289  INFO 20982 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2020-04-11 16:35:52.289  INFO 20982 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.31]
2020-04-11 16:35:52.395  INFO 20982 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2020-04-11 16:35:52.395  INFO 20982 --- [           main] o.s.web.context.ContextLoader            : Root WebApplicationContext: initialization completed in 2361 ms
2020-04-11 16:35:52.430  INFO 20982 --- [           main] .c.b.s.b.s.r.CamundaJerseyResourceConfig : Configuring camunda rest api.
2020-04-11 16:35:52.458  INFO 20982 --- [           main] .c.b.s.b.s.r.CamundaJerseyResourceConfig : Finished configuring camunda rest api.
2020-04-11 16:35:52.833  INFO 20982 --- [           main] o.s.j.d.e.EmbeddedDatabaseFactory        : Starting embedded database: url='jdbc:h2:mem:testdb;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=false', username='sa'
2020-04-11 16:35:53.272  INFO 20982 --- [           main] org.camunda.bpm.spring.boot              : STARTER-SB040 Setting up jobExecutor with corePoolSize=3, maxPoolSize:10
2020-04-11 16:35:53.275  INFO 20982 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService 'camundaTaskExecutor'
2020-04-11 16:35:53.376  INFO 20982 --- [           main] org.camunda.bpm.engine.cfg               : ENGINE-12003 Plugin 'CompositeProcessEnginePlugin[genericPropertiesConfiguration, camundaProcessEngineConfiguration, camundaDatasourceConfiguration, camundaJobConfiguration, camundaHistoryConfiguration, camundaMetricsConfiguration, camundaAuthorizationConfiguration, camundaDeploymentConfiguration, CreateAdminUserConfiguration[adminUser=AdminUserProperty[id=demo, firstName=Demo, lastName=Demo, email=demo@localhost, password=******]], failedJobConfiguration, eventPublisherPlugin]' activated on process engine 'default'
2020-04-11 16:35:55.058  WARN 20982 --- [           main] s.b.s.c.i.DefaultDeploymentConfiguration : unable to determine if resource URL [jar:file:/home/karthick/.m2/repository/org/camunda/bpm/dmn/camunda-engine-dmn/7.12.0/camunda-engine-dmn-7.12.0.jar!/META-INF/maven/org.camunda.bpm.dmn/] is a deployable resource
2020-04-11 16:35:55.058  WARN 20982 --- [           main] s.b.s.c.i.DefaultDeploymentConfiguration : unable to determine if resource URL [jar:file:/home/karthick/.m2/repository/org/camunda/bpm/dmn/camunda-engine-feel-api/7.12.0/camunda-engine-feel-api-7.12.0.jar!/META-INF/maven/org.camunda.bpm.dmn/] is a deployable resource
2020-04-11 16:35:55.058  WARN 20982 --- [           main] s.b.s.c.i.DefaultDeploymentConfiguration : unable to determine if resource URL [jar:file:/home/karthick/.m2/repository/org/camunda/bpm/dmn/camunda-engine-feel-juel/7.12.0/camunda-engine-feel-juel-7.12.0.jar!/META-INF/maven/org.camunda.bpm.dmn/] is a deployable resource
2020-04-11 16:35:55.059  INFO 20982 --- [           main] org.camunda.bpm.spring.boot              : STARTER-SB021 Auto-Deploying resources: [file [/home/karthick/Tools/Spring Camunda/CARTS-demo/target/classes/process.bpmn]]
2020-04-11 16:35:55.061  INFO 20982 --- [           main] o.c.b.s.b.s.event.EventPublisherPlugin   : EVENTING-001: Initialized Camunda Spring Boot Eventing Engine Plugin.
2020-04-11 16:35:55.062  INFO 20982 --- [           main] o.c.b.s.b.s.event.EventPublisherPlugin   : EVENTING-003: Task events will be published as Spring Events.
2020-04-11 16:35:55.062  INFO 20982 --- [           main] o.c.b.s.b.s.event.EventPublisherPlugin   : EVENTING-005: Execution events will be published as Spring Events.
2020-04-11 16:35:55.066  INFO 20982 --- [           main] o.c.b.s.b.s.event.EventPublisherPlugin   : EVENTING-007: History events will be published as Spring events.
2020-04-11 16:35:58.503  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03016 Performing database operation 'create' on component 'engine' with resource 'org/camunda/bpm/engine/db/create/activiti.h2.create.engine.sql'
2020-04-11 16:35:58.566  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03016 Performing database operation 'create' on component 'history' with resource 'org/camunda/bpm/engine/db/create/activiti.h2.create.history.sql'
2020-04-11 16:35:58.586  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03016 Performing database operation 'create' on component 'identity' with resource 'org/camunda/bpm/engine/db/create/activiti.h2.create.identity.sql'
2020-04-11 16:35:58.610  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03016 Performing database operation 'create' on component 'case.engine' with resource 'org/camunda/bpm/engine/db/create/activiti.h2.create.case.engine.sql'
2020-04-11 16:35:58.619  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03016 Performing database operation 'create' on component 'case.history' with resource 'org/camunda/bpm/engine/db/create/activiti.h2.create.case.history.sql'
2020-04-11 16:35:58.627  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03016 Performing database operation 'create' on component 'decision.engine' with resource 'org/camunda/bpm/engine/db/create/activiti.h2.create.decision.engine.sql'
2020-04-11 16:35:58.642  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03016 Performing database operation 'create' on component 'decision.history' with resource 'org/camunda/bpm/engine/db/create/activiti.h2.create.decision.history.sql'
2020-04-11 16:35:58.669  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03067 No history level property found in database
2020-04-11 16:35:58.670  INFO 20982 --- [           main] org.camunda.bpm.engine.persistence       : ENGINE-03065 Creating historyLevel property in database for level: HistoryLevelFull(name=full, id=3)
2020-04-11 16:35:58.744  INFO 20982 --- [           main] org.camunda.bpm.engine                   : ENGINE-00001 Process Engine default created.
2020-04-11 16:35:58.915  INFO 20982 --- [           main] org.camunda.bpm.spring.boot              : STARTER-SB010 creating initial Admin User: AdminUserProperty[id=demo, firstName=Demo, lastName=Demo, email=demo@localhost, password=******]
2020-04-11 16:35:59.495  INFO 20982 --- [           main] o.c.b.s.b.s.w.f.LazyInitRegistration     : lazy initialized org.camunda.bpm.spring.boot.starter.webapp.filter.LazySecurityFilter@9d7ccfe
2020-04-11 16:35:59.496  INFO 20982 --- [           main] o.c.b.s.b.s.w.f.LazyInitRegistration     : lazy initialized org.camunda.bpm.spring.boot.starter.webapp.filter.LazyProcessEnginesFilter@4c48fe92
2020-04-11 16:35:59.662  INFO 20982 --- [           main] .s.s.UserDetailsServiceAutoConfiguration : 

Using generated security password: a2339f99-8c27-4746-9693-c2bf891d9506

2020-04-11 16:35:59.814  INFO 20982 --- [           main] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: any request, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@7103745, org.springframework.security.web.context.SecurityContextPersistenceFilter@3957d88b, org.springframework.security.web.header.HeaderWriterFilter@34fcd292, org.springframework.security.web.csrf.CsrfFilter@4b4927e5, org.springframework.security.web.authentication.logout.LogoutFilter@23f60b7d, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@643f6179, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@7cb29ea8, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@227a933d, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@20a1b3ae, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@2fba0dac, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@2fca3eb5, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@25de8898, org.springframework.security.web.session.SessionManagementFilter@496cedbb, org.springframework.security.web.access.ExceptionTranslationFilter@7b1a30e5, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@43588265]
2020-04-11 16:35:59.906  INFO 20982 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
2020-04-11 16:35:59.910  INFO 20982 --- [           main] com.example.workflow.Application         : Started Application in 10.956 seconds (JVM running for 11.653)
2020-04-11 16:35:59.912  INFO 20982 --- [           main] org.camunda.bpm.engine.jobexecutor       : ENGINE-14014 Starting up the JobExecutor[org.camunda.bpm.engine.spring.components.jobexecutor.SpringJobExecutor].
2020-04-11 16:35:59.918  INFO 20982 --- [ingJobExecutor]] org.camunda.bpm.engine.jobexecutor       : ENGINE-14018 JobExecutor[org.camunda.bpm.engine.spring.components.jobexecutor.SpringJobExecutor] starting to acquire jobs
2020-04-11 16:38:20.761  INFO 20982 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
2020-04-11 16:38:20.762  INFO 20982 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
2020-04-11 16:38:20.774  INFO 20982 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 12 ms```

Niall · April 11, 2020, 4:58pm

You probably selected spring security.
Maybe if you don’t want to use it, you could re-generate the project from start.camunda.com without selecting spring security.

Karthick · April 12, 2020, 5:45pm

Yeah. Thanks for it. But what should be my log in username/password in case of spring security?

aravindhrs · April 12, 2020, 6:12pm

@Karthick When spring security dependency is added, spring security class UserDetailsServiceAutoConfiguration detects (default) a user credentials it will try to create spring security context and those values are been set in the InMemoryUserDetailsManager. Spring security class UserDetailsServiceAutoConfiguration uses different hashing algorithm which is not the same as camunda password hashing algorithm (assuming). So the solution to the problem is exclude the spring security dependency. The difference in the log you can found after excluding the spring security dependency is below log won’t appear.

2020-04-11 16:35:59.662 INFO 20982 — [ main] .s.s.UserDetailsServiceAutoConfiguration :

Using generated security password: a2339f99-8c27-4746-9693-c2bf891d9506

Spring security generates credentials from this class SecurityProperties#User:

public InMemoryUserDetailsManager inMemoryUserDetailsManager(SecurityProperties properties,
			ObjectProvider<PasswordEncoder> passwordEncoder) {
		SecurityProperties.User user = properties.getUser();
		List<String> roles = user.getRoles();
		return new InMemoryUserDetailsManager(
				User.withUsername(user.getName()).password(getOrDeducePassword(user, passwordEncoder.getIfAvailable()))
						.roles(StringUtils.toStringArray(roles)).build());
	}

private String getOrDeducePassword(SecurityProperties.User user, PasswordEncoder encoder) {
	String password = user.getPassword();
	if (user.isPasswordGenerated()) {
		logger.info(String.format("%n%nUsing generated security password: %s%n", user.getPassword()));
	}
	if (encoder != null || PASSWORD_ALGORITHM_PATTERN.matcher(password).matches()) {
		return password;
	}
	return NOOP_PASSWORD_PREFIX + password;
}

class User {

	// Default user name.
	private String name = "user";
   
    //Password for the default user name.
	private String password = UUID.randomUUID().toString();
}

If you want to give a try with spring generated credentials, you can try with username as “user” and password can be found in application startup log which is UUID.randomUUID().toString(). But I dont think you can able to login with spring security generated credentials, so better remove security and try with demo/demo.

Karthick · April 12, 2020, 6:17pm

@aravindhrs Thanks a lot.

Karthick · April 12, 2020, 7:21pm

Yeah Finally removed spring security and it works well with demo/demo.

aravindhrs · April 12, 2020, 7:26pm

Good to hear that