Uploaded image for project: 'jBPM'
  1. jBPM
  2. JBPM-6212

keycloak integration between jbpm-console and kie-server

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: 7.0.0.Final
    • Fix Version/s: 7.0.0.Final
    • Component/s: Console
    • Labels:
      None
    • Steps to Reproduce:
      Hide

      Setup keycloak authentication on two different servers (jbpm-console & kie-server). Create keycloak user with all the roles. Go to jbpm-console -> Process Management -> Process Definitions. You will see error message Invalid credentials to load data from remote server. Contact your system administrator.

      Show
      Setup keycloak authentication on two different servers (jbpm-console & kie-server). Create keycloak user with all the roles. Go to jbpm-console -> Process Management -> Process Definitions. You will see error message Invalid credentials to load data from remote server. Contact your system administrator.

      Description

      I have two separate dockers. Extended from official docker-hub images. One contains jbpm-console and the second kie-server.

      I have configured keycloak authentication on both servers. When I try login with keycloak user to jbpm-console, it works alright. When I try to send REST request (via POSTMAN) to jbpm-console, it works too. When I try to send REST request to kie-server, it works too. So I think keycloak is configured correctly. The problem is, that from jbpm-console -> Process Management -> Process Definitions, I get the following error message.

      Invalid credentials to load data from remote server. Contact your system administrator.

      Given user has all the roles like admin, user, kie-server, rest-all.

      If I turn off security in kie-server.war/.../web.xml, I can see the Process definitions. But this introduces additional problem with Tasks. Because users don't see assigned tasks, because kie-server does not get any user info ...

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                cristiano.nicolai Cristiano Nicolai
                Reporter:
                voytoo Martin Vojtek
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: