doogle-oss opened a new issue, #3656: URL: https://github.com/apache/incubator-kie-tools/issues/3656
### Description Current implementation for Console applications is to use keycloak and we have already been using all kogito apps. Have custom built our apps for interacting with kogito APIs. Can Managment Console and Task Console be made available with support for quarkus-oidc. We have been using custom apps. for this. Need help from Kogito Team to add some light to this Data Index is already supporting quarkus-oidc. Need this to be extended to other kogito-apps in console https://issues.redhat.com/browse/KOGITO-8419 Created now if added will help use more components from kogito ecosystem. ### Implementation ideas Refer to the details at https://issues.redhat.com/browse/KOGITO-8419 We have seen in data index how it handles custom security. org.kie.kogito.index.auth.MultiTenantResolver class helps integration quarkus-oidc client though keycloak is default. Can the same be added to all web apps applications. ``` /* * Copyright 2020 Red Hat, Inc. and/or its affiliates. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.kie.kogito.index.auth; import javax.enterprise.context.ApplicationScoped; import javax.inject.Inject; import org.eclipse.microprofile.config.inject.ConfigProperty; import io.quarkus.oidc.TenantResolver; import io.vertx.ext.web.RoutingContext; @ApplicationScoped public class MultiTenantResolver implements TenantResolver { @Inject @ConfigProperty(name = "kogito.data-index.vertx-graphql.ui.path", defaultValue = "/graphiql") String graphUIPath; @Inject @ConfigProperty(name = "kogito.data-index.vertx-graphql.ui.tenant", defaultValue = "web-app-tenant") String graphUITenantId; @Override public String resolve(RoutingContext context) { if (context.request().path().equals("/") || context.request().path().startsWith(graphUIPath)) { return graphUITenantId; } return null; } } ``` So to enable security only the following to be tweaked in DI 1. kogito.data-index.vertx-graphql.ui.tenant=default 2. quarkus.oidc.tenant-enabled=true Can something similar be added on the mgmt console/task console as well. or is there a way to disable security in the console apps -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
