Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-10251

Enterprise templates are exposed if no authorised engine header is set

    XMLWordPrintable

Details

    • Bug Report
    • Resolution: Won't Fix
    • L3 - Default
    • None
    • 7.8.13, 7.9.11, 7.10.5, 7.11.0-alpha4
    • webapp
    • None

    Description

      Steps to reproduce
      Perform a GET request for an enterprise template without a http header for authorised engines (X-Authorized-Engine).

      Problem
      Enterprise templates are exposed if license is missing / invalid

      Reason
      When http header for authorised engines is not set, templates are exposed if license is missing

      Impact
      No impact – just strange.

      Hint
      See https://github.com/camunda/camunda-bpm-platform-ee/blob/master/webapps/camunda-webapp/plugins/src/main/java/org/camunda/bpm/webapp/impl/plugin/LicenseCheckResourceOverride.java#L84-L90

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Issue Links

            is related to

            Bug Report - A problem which impairs or prevents the functions of the product. CAM-10226 In Admin, no license check is performed for Operation Log

            • L3 - Default - Minor issue or issue with existing workaround, feature requests and questions
            • Closed

            Activity

              People

                thorben.lindhauer Thorben Lindhauer
                tassilo.weidner Tassilo Weidner
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Salesforce