...
This setup is described in more detail on this page. However you are free and encouraged to change each configuration to your own needs.
Application Assembly
Required Dependencies
To create your own Wildfly application, you need to add this dependency for the REST controllers including the entire TASKANA functionality:
...
Code Block |
---|
<dependency> <groupId>pro.taskana</groupId> <artifactId>taskana-rest-spring-example-common</artifactId> </dependency> |
You can find the entire project structure on GitHub: https://github.com/Taskana/taskana/blob/master/rest/taskana-rest-spring-example-wildfly/pom.xml
Security
TASKANA requires a initialized JAAS Subject to work - at least as long you want to use the security features.
In our setup we have a Elytron setup, which ensures that all requests are authenticated and authorized before entering our application. We can find the details of the current user in the SecurityIdentity Elytron provides. To make this information accessible to TASKANA, we have created the ElytronToJaasFilter, to initialize a valid Subject from it. This filter is configured in our WildflyWebSecurityConfig:
Code Block |
---|
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilter(jaasApiIntegrationFilter())
.addFilterAfter(new ElytronToJaasFilter(), JaasApiIntegrationFilter.class)
.csrf()
.disable();
} |
Configuration
application.properties
You need to configure on the appplication side is the datasource and the database schema to use:
Code Block |
---|
######## Taskana DB #######
datasource.jndi=java:/TaskanaDS/H2
taskana.schemaName=TASKANA |
Furthermore, if you are using LDAP, you need to configure the LDAP access:
Code Block |
---|
####### properties to connect to LDAP
taskana.ldap.serverUrl=ldap://localhost:10389
taskana.ldap.bindDn=uid=admin
taskana.ldap.bindPassword=secret
taskana.ldap.baseDn=ou=Test,O=TASKANA
taskana.ldap.userSearchBase=cn=users
taskana.ldap.userSearchFilterName=objectclass
taskana.ldap.userSearchFilterValue=person
taskana.ldap.userFirstnameAttribute=givenName
taskana.ldap.userLastnameAttribute=sn
taskana.ldap.userIdAttribute=uid
taskana.ldap.groupSearchBase=
taskana.ldap.groupSearchFilterName=objectclass
taskana.ldap.groupSearchFilterValue=groupOfUniqueNames
taskana.ldap.groupNameAttribute=cn
taskana.ldap.minSearchForLength=3
taskana.ldap.maxNumberOfReturnedAccessIds=50
taskana.ldap.groupsOfUser=uniquemember |
These properties are used to do a LDAP lookup from the AccessIdController, as it is required for the Admin UI for example. It has nothing to do with the authentication of a user, which is handled by Elytron as described above.
You can find the entire example file on GitHub: https://github.com/Taskana/taskana/blob/master/rest/taskana-rest-spring-example-wildfly/src/main/resources/application.properties
web.xml
Nothing specific to TASKANA but you might need to specify the realm on Wildfly. In our example we do need to do this to make the FORM login work:
Code Block |
---|
<login-config>
<auth-method>FORM</auth-method>
<realm-name>taskanaApplicationDomain</realm-name>
<form-login-config>
<form-login-page>/login</form-login-page>
<form-error-page>/login?error</form-error-page>
</form-login-config>
</login-config> |
jboss-web.xml
In this file you meght want to change the context-root and and security-domain to match your configuration:
Code Block |
---|
<context-root>/taskana</context-root>
<security-domain>taskanaApplicationDomain</security-domain> |
Server Configuration
This page is not meant to be a guide for configuring Wildfly. We just want to point out a few things we configured for our standalone example. The configuration we are using is also fed into our automated Arquillian integration test and can be found on GitHub: https://github.com/Taskana/taskana/blob/master/rest/taskana-rest-spring-example-wildfly/src/test/resources/int-test-standalone.xml
Database
We need to configure the TASKANA datasource.
Note |
---|
Please be aware that we currently do not support XA datasources. |
Security
In our example we have configured our dedicated LDAP Security Domain with all dependent configurations. The LDAP points to an embedded LDAP of our application. This is quite unusual but makes it easy to have a working security test environment without an large setup with different component.
From the TASKANA point of view, you can use every security option provided by Wildfly, as long as you have an correctly initialized SecurityIdentity object later on, which the filter can process.