Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-1534

Allow switching off authorization in camunda webapp

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: L3 - Default
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 7.2.0, 7.2.0-alpha6
    • Component/s: cockpit
    • Labels:
      None

      Description

      Authorization.xml: The statement <sql id="authCheck"> uses a "CASE" clause not supported on some databases (e.g. DB2 on z/OS).

      This statement should never be called if the ProcessEngineConfiguration.authorizationEnabled flag is set to false. But currently it is still called - so we need to patch this statement to some "SELECT 1;" pseudo statement.

      see https://groups.google.com/forum/#!msg/camunda-bpm-dev/ihfyczFenHY/DONyGLCkcaYJ

      Currently the statement is at least triggered from the webapp (UserAuthtenticationRessource, line 108f):

      // check user's app authorizations
      AuthorizationService authorizationService = processEngine.getAuthorizationService();

      HashSet<String> authorizedApps = new HashSet<String>();

      for (String application: APPS) {
      if (isAuthorizedForApp(authorizationService, username, groupIds, application))

      { authorizedApps.add(application); }

      }

        Attachments

          Activity

            People

            Assignee:
            meyer Daniel Meyer
            Reporter:
            ruecker Bernd Rücker
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: