I’ve changed idm admin password used for executing the REST calls to the IDM Rest services so I’ve changed
FLOWABLE_COMMON_APP_IDM-ADMIN.PASSWORD in every service and put FLOWABLE_IDM_APP_ADMIN_PASSWORD property to flowable-idm configuration.
Here is my docker compose file ( it’s modeler-task-idm-admin-postgres.yml with my emboldened changes):
I can log into idm app (http://localhost:8080/flowable-idm/) with admin/kZ2uekjn4u but when I try to log in to any other app (with the same credentials) it always redirects me to login page without any message.
I can log in to the other apps when I change password (from idm app) to the default one - “test”.
Can you help me ? Did I missed something ?
I can’t understand how it works.
Is there something hard coded (“test” password) ?
No. The password is not hard coded.
I tested it and I’m experiencing the same thing when running with docker compose.
It seems to be related with setting the REST password in the docker compose config. (It’s working running standalone)
I have to investigate this further.
Can you try setting the password with FLOWABLE_COMMON_APP_IDM-ADMIN_PASSWORD instead of FLOWABLE_COMMON_APP_IDM-ADMIN.PASSWORD the _ instead of . in the property?
Exactly. It’s the reason. When there is “.” in env property default value is loaded from flowable-default.properties
I’ve stared debugging spring apps from docker images and found that RemoteIdmServiceImpl constructor is feeded with admin/test credentials.
Since I’ve already gone through that case, maybe I’ll describe how I debug applications.
Clone flowable repository
git checkout flowable-6.3.1
Add -agentlib:jdwp=transport=dt_socket,address=8001,server=y,suspend=n to i.e. flowable-modeler-app service in docker compose. Should look similar to this one:
Note there are still dots in env properties (LOWABLE_COMMON_APP_IDM-ADMIN.USER, LOWABLE_COMMON_APP_IDM-ADMIN.USER). Do not copy whole service configuration
Thanks for the PR and the pointer for the debugging @rgorzkowski
One pointer from me. Whenever there are issues with the environment I always try the actuator/env and actuator/configprops from the Spring Boot properties. The first one gives you insight into how the environment looks like (which properties are set) and the second one gives you insight into the actual @ConfigurationProperties beans and their values.
I am running into a very similar and seeminlgy related issue with similar symptoms. I hope someone can shed some light on this as it probably affects a series of “newbies”.
I wanted to try flowable on my docker environment and, since I want it exposed to the internet, wanted to at least change the default admin password. I am able to change it, but as soon as I do, all flowable-modeler, flowable-admin etc redirect to the flowable-idm login page. If I don’t touch the admin test configuration all works fine, but as soon as in flowable-idm I do any change on the admin user (rename, disable, change password), I can’t login anymore. This is obviously undesirable since I am running it exposed to the internet.
My configuration
I try to run it as simply as possible so I can easily test it. I am not using compose (for a variety of reasons) but plain vanilla docker:
You can ignore the Traefik parameters, they merely configure the reverse proxy so I get automatic SSL and can access flowable from the internet. This is basically little more than the basic run command that also the instructions on Docker show and that I would expect to suffice.
What I tried
I tried a variety of options: I tried using postgres (as per the flowable/all-in-one compose file), setting the user and password as environment variables (setting FLOWABLE_COMMON_APP_IDM-ADMIN.USER and FLOWABLE_COMMON_APP_IDM-ADMIN.PASSWORD - trying both with dot and without - nothing changed, the default password staid at admin test) and reading through this forum finding any solution that may help. Nothing in the logs jumped out at me.
The question
Does anyone know how to solve this? My impression is that my docker comand shown above should be able to run a test version of flowable. Or am I missing some important configruation?
Y wrote that you changed common app idm admin user and password (btw. there is a typo in properties name. You should use underscore instead of a dot in ADMIN.PASSWORD and same in ADMIN.PASSWORD). Those properties are used while executing REST calls to the IDM Rest services (i.e. in flowable-admin app).
You have to set FLOWABLE_IDM_APP_ADMIN_PASSWORD if you want to change the password of the admin user. If you want to change id of the admin user you should pass FLOWABLE_IDM_APP_ADMIN_USER-ID.
When you change those properties be mindful of changing FLOWABLE_COMMON_APP_IDM-ADMIN_USER , FLOWABLE_COMMON_APP_IDM-ADMIN_PASSWORD and also below properties if you want to work with flowable-admin: