Keycloak Integration

Hello,

I’m trying to integrate Flowable IDM with Keycloak, which my microservice uses.
I’ve been trying to follow this blog post (What’s new with the Open Source Flowable UI Apps) but I get this error every time.

Error creating bean with name 'idmSecurityConfiguration.IdmApiWebSecurityConfigurationAdapter'

Here is my yml config

security:
    oauth2:
      client:
        registration:
          keycloack:
            client-id: <id>
            client-secret: <secret>
            authorization-grant-type: authorization_code
        provider:
          keycloack:
            issuer-uri: http://localhost:8080/auth/realms/new
            user-name-attribute: preferred_username
      resourceserver:
        jwt:
          jwk-set-uri: http://localhost:8080/auth/realms/new/protocol/openid-connect/certs

flowable:
  common:
    app:
      security:
        type: oauth2
        o-auth2:
          authorities-attribute: groups
          groups-attribute: userGroups
  idm:
    app:
      keycloak:
        enabled: true
        server: http://localhost:8080/
        authentication-realm: master
        authentication-user: admin
        authentication-password: admin
        realm: new

Thanks in advance
Best regards
Umut

I have found out that the password can’t get the value from my config I think.

        @Bean
        @ConditionalOnClass({Jwt.class})
        @ConditionalOnMissingBean
        public ApiHttpSecurityCustomizer delegatingApiHttpSecurityCustomizer() {
            JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
            OAuth2 oAuth2 = this.commonAppProperties.getSecurity().getOAuth2();
            String authoritiesAttribute = oAuth2.getAuthoritiesAttribute();
            String groupsAttribute = oAuth2.getGroupsAttribute();
            Collection<String> defaultAuthorities = oAuth2.getDefaultAuthorities();
            Collection<String> defaultGroups = oAuth2.getDefaultGroups();
            converter.setJwtGrantedAuthoritiesConverter(new FlowableJwtGrantedAuthoritiesMapper(authoritiesAttribute, groupsAttribute, defaultAuthorities, defaultGroups));
            JwtApiHttpSecurityCustomizer jwtApiHttpSecurityCustomizer = new JwtApiHttpSecurityCustomizer(converter);
            String username = this.commonAppProperties.getIdmAdmin().getUser();
            String password = this.commonAppProperties.getIdmAdmin().getPassword();
            FixUserApiHttpSecurityCustomizer fixUserApiHttpSecurityCustomizer = new FixUserApiHttpSecurityCustomizer(username, this.deducePassword(password));
            return new DelegatingApiHttpSecurityCustomizer(Arrays.asList(fixUserApiHttpSecurityCustomizer, jwtApiHttpSecurityCustomizer));
        }

By debugging this code (in org.flowable.ui.common.security.FlowableUiSecurityAutoConfiguration)
I see that this.commonAppProperties.getIdmAdmin().getPassword() returns null for some reason.
When I set the value to the correct password while debugging, it works, but afterwards I have another problem: there are no task, modeler, admin or idm options when logged in. Just a blank Flowable page.
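
One way to check what the `authorities-attribute: groups` and `groups-attribute: userGroups` settings above would read from an access token (an added example, not part of the original posts and not Flowable's own code). It assumes Flowable's default UI privilege names (`access-idm`, `access-admin`, `access-modeler`, `access-task`), uses a constructed unsigned token, and decodes the payload without verifying the signature, for inspection only.

```python
import base64
import json

# Claim names taken from the thread's flowable.common.app.security.o-auth2 settings.
AUTHORITIES_ATTRIBUTE = "groups"
GROUPS_ATTRIBUTE = "userGroups"
# Assumption: Flowable's default UI privilege names; adjust if your install differs.
UI_PRIVILEGES = {"access-idm", "access-admin", "access-modeler", "access-task"}


def decode_payload(token):
    """Return the JWT payload as a dict WITHOUT verifying the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    body = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(body))


def as_list(value):
    """Normalise a claim that may be absent, a single string, or a list."""
    if value is None:
        return []
    if isinstance(value, str):
        return [value]
    return [str(v) for v in value]


def inspect_token(token):
    """Report which authorities and groups the configured claim names would yield."""
    claims = decode_payload(token)
    authorities = set(as_list(claims.get(AUTHORITIES_ATTRIBUTE)))
    return {
        "username": claims.get("preferred_username"),
        "authorities": sorted(authorities),
        "groups": sorted(as_list(claims.get(GROUPS_ATTRIBUTE))),
        "missing_ui_privileges": sorted(UI_PRIVILEGES - authorities),
    }


def make_sample_token(payload):
    """Build an unsigned, constructed token for the demo (not a real Keycloak token)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(payload), "sig"])


if __name__ == "__main__":
    # Constructed payload: a group path under "groups", no Flowable privileges.
    sample = make_sample_token({"preferred_username": "demo-user", "groups": ["/staff"]})
    print(inspect_token(sample))
```

A non-empty `missing_ui_privileges` list means the claim named by `authorities-attribute` does not carry those privilege names for that user.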

Integrating multiple applications with keycloak

  1. Add keycloak and spring-boot dependencies.
  2. CreateSecurityConfig. …
  3. Create applications. …
  4. Open command prompt and run docker-compose up to run keycloak.
  5. Open browser and enter the keycloak url. …
  6. Default username and password is ‘admin’, ‘admin’.
  7. Click on Add Realm.

Hi @umutkazan,
Were you able to resolve this error? I am also facing the same issue.