In the doc Configure Authentication | docs.camunda.org i find:
" In the pre-built distributions, the engine authentication is switched off by default. You may have a look at the distribution’s web.xml
file and remove the comment markers from the above mentioned filter declaration to activate authentication."
But I cannot find any lines to ‘uncomment’. There are no such lines.
So I should put these lines but where? Where exactly in web.con file?
<filter>
<filter-name>camunda-auth</filter-name>
<filter-class>
org.camunda.bpm.engine.rest.security.auth.ProcessEngineAuthenticationFilter
</filter-class>
<async-supported>true</async-supported>
<init-param>
<param-name>authentication-provider</param-name>
<param-value>org.camunda.bpm.engine.rest.security.auth.impl.HttpBasicAuthenticationProvider</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>camunda-auth</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Suppose these lines are there. What about users and passwords?