Hello,
I am writing my own Container Based Authentication Filter. I wrote the following java class KeycloakSSOAuthenticationProvider
that implements AuthenticationProvider
and looks something like this:
package com.somename.sso.camunda;
import org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider;
public class KeycloakSSOAuthenticationProvider implements AuthenticationProvider {
@Override
public AuthenticationResult extractAuthenticatedUser(final HttpServletRequest request, final ProcessEngine engine) {
// Does something
return authenticationResult;
}
private List<String> getUserGroups(final String userId, final ProcessEngine engine) {
// Does something
return groupIds;
}
public void augmentResponseByAuthenticationChallenge(final HttpServletResponse response,
final ProcessEngine engine) {
;
}
}
Here ist the filter description from my web.xml
file:
<filter>
<filter-name>Container Based Authentication Filter</filter-name>
<filter-class>org.camunda.bpm.webapp.impl.security.auth.ContainerBasedAuthenticationFilter</filter-class>
<init-param>
<param-name>authentication-provider</param-name>
<param-value>com.somename.sso.camunda.KeycloakSSOAuthenticationProvider</param-value>
<!-- <param-value>org.camunda.community.auth.keycloak.sso.KeycloakSSOAuthenticationProvider</param-value> -->
</init-param>
</filter>
<filter-mapping>
<filter-name>Container Based Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
There is an error at runtime when the filter tries to cast KeycloakSSOAuthenticationProvider
to AuthenticationProvider
. I would suppose that this casting should not be a problem since the first one implements the second one.
However it appears that KeycloakSSOAuthenticationProvider
is loaded by URLClassLoader
, while AuthenticationProvider
is loaded by ParallelWebappClassLoader
and this is creating the error. Here the error log I get when running camunda:
Caused by: java.lang.ClassCastException: class com.somename.sso.camunda.KeycloakSSOAuthenticationProvider cannot be cast to class org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider (com.somename.sso.camunda.KeycloakSSOAuthenticationProvider is in unnamed module of loader java.net.URLClassLoader @6fc6f14e; org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider is in unnamed module of loader org.apache.catalina.loader.ParallelWebappClassLoader @7a498efa)
I´ve been stuck with this for days and any help will be highly appreciated.