Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Is it possible to do OAuth without Spring Boot?
See original GitHub issueI’m trying to provide SSO for an instance of Camuda via Google OAuth, and I’m reading various docs related to this plugin and I’m a bit confused. I keep seeing references to something called “Spring Boot”, which appears to be some kind of external service as far as I can tell.
I have no interest in using this “Spring Boot” thing with my instance of Camunda, but all tutorials I’ve seen related to OAuth and Keycloak keep mentioning it. So my question is: Is it possible to do OAuth with Keycloak without Spring Boot?
I found this issue: https://github.com/camunda-community-hub/camunda-bpm-identity-keycloak/issues/36
Which appears to describe my dilemma well, since I did install the Keycloak JAR and configured a default.yml file to use my already configured instance of Keycloak, but nothing has changed. I see no option to use Keycloak for login.
The official README file mentions this:
Add the following class to your Camunda Spring Boot application in order to activate the Keycloak Identity Provider Plugin:
And then provides some example Java code. Where is that supposed to go if I’m not using Spring Boot?
Issue Analytics
- State:
- Created 2 years ago
- Comments:27
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Hi @jakubgs,
if you do not want to setup your own Spring Boot project, you have the following options for this plugin:
But this plugin is NOT an SSO plugin. It replaces the original Camunda Identity Provider (which uses the Camunda database for users and groups) with a ReadOnlyIdentityProvider connecting to Keycloak. Without SSO you keep using the standard Camunda login form. Because passwort grant exchanges are not supported e.g. by social logins and other identity providers configured in Keycloak this will work with the LDAP user federation and local users and groups of Keycloak only. See README of this plugin.
If you want it all, you will need SSO. When it comes to implementing SSO, it’s the most easy thing to setup your own Camunda Spring Boot instance. Because with that you have all of the standard Spring Boot SSO mechanisms at your hand. Out of the box. If you do not want to do that, please have a look at the work of @iceman91176 (https://github.com/iceman91176/camunda-bpm-auth-keycloak-sso).
Hope this helps. Gunnar
Ah, sorry, I totally forgot about this issue. Thanks for answering my questions.