[CAM-10364] Spring Boot Starter Webapp filters cover Rest API

Type: Bug Report
Resolution: Fixed
Priority: L3 - Default
Fix Version/s: spring-boot 3.3.1, spring-boot 2.3.2, spring-boot 3.0.3, spring-boot 3.1.3, spring-boot 3.2.3
Affects Version/s: spring-boot 2.3.0, spring-boot 3.0.0, spring-boot 3.1.0, spring-boot 3.2.0, spring-boot 3.3.0
Component/s: spring-boot
Labels:
None

Given:
The following dependencies are used:

camunda-bpm-spring-boot-starter-webapp OR camunda-bpm-spring-boot-starter-webapp-ee
camunda-bpm-spring-boot-starter-rest

When:
A modifying HTTP Request (POST/PUT/DELETE) is sent through the Rest API.

Then:
An Internal Server Error is reported (500), with message: Cannot create a session after the response has been committed.

Expected:
The Rest API can be used together with the Webapps in the Spring Boot Starter.

Hint:
The reason for the bug is that all resources in the starter are put on the root context path. This creates an overlap for the url patterns of the Webapps and Rest API, causing CSRF validation of Rest requests.

This is the controller panel for Smart Panels app

There are no comments yet on this issue.

Assignee:: Unassigned

Reporter:: Nikola Koevski

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 24/May/19 3:50 PM

Updated:: 27/May/19 3:56 PM

Resolved:: 27/May/19 3:08 PM

camunda BPM

Details

Description

mgm-controller-panel

This is the controller panel for Smart Panels app

Attachments

Activity

People

Dates

Salesforce