Container-Based Authentication
What Is Container-Based Authentication?
Camunda supports a broad range of containers, including Tomcat, JBoss, Wildfly, IBM WebSphere and Oracle WebLogic. Using Container-Based Authentication, it is possible to move the authentication action to the container level, which will then make the authentication result available to the Camunda Web Applications.
Enabling Container-Based Authentication
The Container-Based Authentication implementation for the Web Applications is switched off by default, but can be activated by adding a servlet filter in the web.xml
as follows:
<!-- Container Based Authentication filter -->
<filter>
<filter-name>Container Based Authentication Filter</filter-name>
<filter-class>org.camunda.bpm.webapp.impl.security.auth.ContainerBasedAuthenticationFilter</filter-class>
<init-param>
<param-name>authentication-provider</param-name>
<param-value>org.camunda.bpm.engine.rest.security.auth.impl.ContainerBasedAuthenticationProvider</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Container Based Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
Container-Based Authentication for Single Sign-On
The Camunda Web Applications can also integrate with a Single Sign-On implementation when the Container-Based Authentication servlet filter is enabled.