How to use RequestAuthorizer and Authentications class?

Hi Andreas,

Can you please explain what you are trying to achieve in more detail? Are you trying to extend the authentication procedure for the Camunda web application or for a custom application?

While HttpBasicAuthenticationProvider is a REST API class and mentioned in the documentation. EngineRequestAuthorizer is an internal class of the Camunda webapps that in combination with org.camunda.bpm.webapp.impl.security.auth.AuthenticationFilter implements session-based authentication. It is not supposed to be reused in custom projects, however there is also no reason why you should not do it. I assume you are missing the latter class as a servlet filter since it calls the method Authentications#setCurrent.

Cheers,
Thorben