Hi everyone,
I’m currently working on integrating Camunda with Keycloak and LDAP. I’ve successfully connected Keycloak with LDAP using Apache Directory Studio and Apache DS. However, I’m facing issues connecting Keycloak with Camunda. Here are the details of my setup:
Hi @Bishal072, welcome to the forums! What have you already tried? Are you seeing errors in the logs? Can you share the configs you tried already?
Hi @nathan.loding
I’m trying to integrate Camunda 8.8.0-alpha5 with LDAP authentication on my local system, but I do not have access to Docker. I attempted to configure the connection using environment variables, and while I’m not seeing any errors, I’m also not sure if the setup is actually working or if I’m heading in the right direction.
Here’s the configuration I’m using:
ELASTICSEARCH_VERSION=8.17.3
CAMUNDA_VERSION=8.8.0-alpha5
CONNECTORS_VERSION=8.8.0-alpha5
COMPOSE_TAG=8.7
COMPOSE_EXTRACTED_FOLDER=docker-compose-8.7
SPRING_PROFILES_ACTIVE=ldap-auth
CAMUNDA_OPERATE_LDAP_URL=ldap://localhost:10389
CAMUNDA_OPERATE_LDAP_BASEDN=dc=example,dc=com
CAMUNDA_OPERATE_LDAP_MANAGERDN=cn=admin,dc=example,dc=com
CAMUNDA_OPERATE_LDAP_MANAGERPASSWORD=secret
CAMUNDA_OPERATE_LDAP_USERSEARCHFILTER=uid={0}
CAMUNDA_OPERATE_LDAP_USERSEARCHBASE=ou=users,dc=example,dc=com
CAMUNDA_OPERATE_LDAP_USERIDATTRNAME=uid
CAMUNDA_OPERATE_LDAP_DISPLAYNAMEATTRNAME=cn
I’m not using Docker, so I’m trying to run everything manually or through local builds. I haven’t found clear documentation for setting up LDAP with Camunda 8 in a non-Docker environment.
My questions:
Is this the correct way to configure LDAP for Camunda without Docker?
@Bishal072 - that will enabled LDAP authentication for Operate but not for the rest of the stack. That also bypasses Keycloak. I think the best approach is to use Keycloak with Identity, and configure your LDAP provider/user federation within Keycloak.
The 8.8-alpha5 build is an alpha, so there may be issues; it might be better to work on the stable 8.7 release.