Loading...

XML

Word

Printable

Type: Task
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: Data Index, Job Service, Management Console, Task Console
Labels:
- Documentation

Epic Link:
Enable security on Kogito services using Keycloak

Sprint:
2020 Week 34-36 (from Aug 17)

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

From Quarkus 1.7.0, it will be possible to enable/disable security at runtime for Quarkus apps (see PR).
We should configure the Kogito components to allow doing this using quarkus profiles at runtime.

For the unsecured profile, this is the configuration in the properties:

quarkus.http.auth.permission.1.paths=/*
quarkus.http.auth.permission.1.policy=permit
quarkus.oidc.enabled=true
quarkus.oidc.tenant-enabled=false

For secured profile:

quarkus.http.auth.permission.1.paths=/*
quarkus.http.auth.permission.1.policy=authenticated
quarkus.oidc.enabled=true
quarkus.oidc.tenant-enabled=true # this is the key!
quarkus.oidc.auth-server-url=http://XXX:8280/auth/realms/kogito
quarkus.oidc.client-id=kogito-service
quarkus.oidc.credentials.secret=secret

blocks

KOGITO-1001 Cucumber Tests: Add test for Jobs-service with Keycloak

Closed

KOGITO-2679 Configure Kogito Component Images to enable/disable security at runtime

Closed

is blocked by

KOGITO-2921 Bump Extension to Quarkus 1.7.0.Final

Closed

KOGITO-3053 Bump Kogito Apps to Quarkus 1.7

Closed

relates to

KOGITO-536 Data-index-service Keycloak integration: GraphiQL (UI)

Resolved

KOGITO-843 Support Keycloack security in Task Console

Closed

KOGITO-2246 Add keycloak integration at quarkus management console App

Closed

(2 relates to)

Assignee:: Neus Miras Chueca

Reporter:: Jose Carvajal Hilario

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2020/07/07 3:00 AM

Updated:: 2022/09/23 11:27 AM

Resolved:: 2020/09/03 10:09 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates