I’m new to Camunda. Using camunda-bpm-wildfly10-7.5.0 with the demos and demo users that came along with it.
I try to make a REST API call with the demo
/ demo
user, who is camunda-admin as well.
curl --user demo:demo http://localhost:8080/camunda/api/engine/engine/default/filter/366e784e-21fa-11e8-b724-00e04c62631c/list?firstResult=0&maxResults=15
gives me:
<html><head><title>Error</title></head><body>Unauthorized</body></html>
Also tried via Postman, also getting a 401 there.
I have read Configure Authentication | docs.camunda.org and I have removed the comment tags so that the camunda-auth
filter is enabled. I edited it directly in the /camunda-bpm-wildfly10-7.5.0/server/wildfly-10.0.0.Final/standalone/deployments/camunda-engine-rest-7.5.0.war file.
Of course I also restarted the server. But I am still getting the 401 Unauthorized error.
The same API call works fine when I go via browser to the Camunda cockpit, logged in as demo/demo: I can see in my browser developer tools / network tab, that the very same API call is also being made from the cockpit successfully there.
In a new tab, but with existing browser session, it’s also showing me the expected result:
Just when I try to make the API call independently without being logged in / an existing session but just via Basic Auth, it fails with 401. Why? For some reason it seems that the camunda-auth filter is not really active, but I don’t see why. Unfortunately I never really used Wildfly before but usually only Tomcat, but for certain reasons, I need to use Wildfly in my case here.
The web.xml looks as follows:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>camunda bpm rest api</display-name>
<filter>
<filter-name>CacheControlFilter</filter-name>
<filter-class>org.camunda.bpm.engine.rest.filter.CacheControlFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CacheControlFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Http Basic Authentication Filter -->
<filter>
<filter-name>camunda-auth</filter-name>
<filter-class>
org.camunda.bpm.engine.rest.security.auth.ProcessEngineAuthenticationFilter
</filter-class>
<init-param>
<param-name>authentication-provider</param-name>
<param-value>org.camunda.bpm.engine.rest.security.auth.impl.HttpBasicAuthenticationProvider</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>camunda-auth</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>