After auth success, app redirects back to login page

Flowable Application
1

I’m running Flowable 6.3.1 IDM and Modeler in a Docker container. The Dockerfile is simply this:

FROM tomcat:8.0.20-jre8
COPY src/main/resources/flowable-ui-idm-app.war /usr/local/tomcat/webapps/flowable-idm.war
COPY src/main/resources/flowable-ui-modeler-app.war /usr/local/tomcat/webapps/flowable-modeler.war

And I run it like this:

docker run -d -p 8080:8080 -e FLOWABLE_COMMON_APP_IDM_URL=http://localhost:8080/flowable-idm -e FLOWABLE_COMMON_APP_IDM_REDIRECT_URL=http://localhost:8080/flowable-idm <image>

But after I login successfully with admin/test, it sends me back to: http://localhost:8080/flowable-idm/#/login?redirectOnAuthSuccess=true&redirectUrl=http:%2F%2Flocalhost:8080%2Fflowable-modeler%2F

In my browser console, the first thing that appears to happen is a request to http://localhost:8080/flowable-modeler/ with a 302 response. Next is a request to http://localhost:8080/flowable-idm/ with a 200 response.
I’ve tried defining “FLOWABLE_COMMON_APP_REDIRECT_ON_AUTH_SUCCESS=http://localhost:8080/flowable-modeler” as well, but it seems to have no effect.

This is using a fresh flowable database on MySQL. I am using Docker for Mac on OS X. I’m also connected to a VPN on my cloud services provider. For the remember-me token, Flowable sees that the user’s (my) IP is 172.17.0.1, which is simply the Docker bridge network gateway address.

Please help!

2

Hi @lrwellsmith,
I am running flowable on a ubuntu in WSL (windows subsystem for Linux). I had to disable my kaspersky firewall to be able to run it correctly. Maybe something to look at for you as well?
Regards,
Wim

3

disable as in completely shutdown.

4

Thanks for the thought, but this is on OS X with Docker for Mac. Will update my post with more detail.

5

Hi.

The problem is probably that 2 isolated containers are trying to communicate with each other.
The Modeler will try to access IDM with http://localhost:8080. This will not work.

the FLOWABLE_COMMON_APP_IDM-URL property is used for server to server communication
the optional FLOWABLE_COMMON_APP_IDM-REDIRECT-URL is used for client browser redirection

You have (at least) 2 options here;

Use something like docker compose so that the containers can communicate with each other by referring to the service name.
You can have a look here to see an example.

Use a dns / hostname that the container can resolve. F.e. the hostname name of the machine docker is running on. And use the exposed port.

Does this make sense?

Regards,

Yvo

6

Hi Yvo, thanks for responding but to make sure we’re on the same page, these two apps are in the same Docker container and are in the same web server. They’re not configured with different hosts or ports or anything. If Modeler is on localhost then IDM is also on localhost. I’ve tried other hosts such as 172.17.0.3 (the address of the server within the Docker bridge network), 0.0.0.0, 127.0.0.1, etc. with no effect. There should be no problem with one of the apps calling the other over HTTP. Are you saying they need to be on different hosts?