• Home
• org.camunda.bpm.extension.examples
• camunda-platform-7-keycloak-examples-jwt
• 7.21.0
• source code

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

pm.extension.examples.camunda-platform-7-keycloak-examples-jwt.7.21.0.source-code.application.yaml Maven / Gradle / Ivy

spring.datasource:
  url: ${JDBC_URL:jdbc:h2:./camunda-db;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE}
  username: ${JDBC_USER:sa}
  password: ${JDBC_PASSWORD:sa}

camunda.bpm:
  history-level: audit
  authorization:
    enabled: true
  # CSP header configuration (Camunda 7.18+)
  webapp:
    header-security:
      content-security-policy-value: "base-uri 'self';
                                      script-src $NONCE 'strict-dynamic' 'unsafe-eval' https: 'self' 'unsafe-inline';
                                      style-src 'unsafe-inline' 'self';
                                      connect-src ${keycloak.url} 'self';
                                      default-src 'self';
                                      img-src 'self' data:;
                                      block-all-mixed-content;form-action 'self';
                                      frame-ancestors 'none';object-src 'none';
                                      sandbox allow-forms allow-scripts allow-same-origin allow-popups allow-downloads"

server:
  port: 8080

# Metrics & Health
management:
  endpoint.health.probes.enabled: true
  endpoints:
    web.exposure.include: env,health,info,metrics


# Externalized Keycloak configuration
keycloak:
  # Keycloak access for the Identity Provider plugin.
  url: http://localhost:9000

  # Keycloak JWT Client configuration
  jwt:
    realm: camunda
    client.id: camunda-jwt

  # Keycloak Camunda Identity Service
  plugin:
    client.id: camunda-identity-service
    client.secret: FOZQuxYwfuvb9R708askvn9XkZMfwlKp

# Spring Boot Security OAuth2 SSO
spring.security:
  oauth2:
    resource-server:
      jwt:
        issuer-uri: ${keycloak.url}/realms/camunda

# Camunda Cockpit JWT Plugin
plugin.cockpit.keycloak:
  keycloakUrl: ${keycloak.url}
  realm: ${keycloak.jwt.realm}
  clientId: ${keycloak.jwt.client.id}

# Camunda Keycloak Identity Provider Plugin
plugin.identity.keycloak:
  keycloakIssuerUrl: ${keycloak.url}/realms/camunda
  keycloakAdminUrl: ${keycloak.url}/admin/realms/camunda
  clientId: ${keycloak.plugin.client.id}
  clientSecret: ${keycloak.plugin.client.secret}
  useEmailAsCamundaUserId: false
  useUsernameAsCamundaUserId: true
  useGroupPathAsCamundaGroupId: true
  administratorGroupName: camunda-admin
  disableSSLCertificateValidation: true

logging.level.org.springframework.security: TRACE