  1. camunda BPM
  2. CAM-8443

I can read documentation about security topics to consider when running Camunda


      Topics that should be covered in [1]:

      • How to configure session timeout
      • How to configure HTTPS only
      • How to configure cookies domain
      • BPMN (containing scripts) / Forms should be deployed by a "trustful" employee
      • Forms: input validation (cross-site scripting attack)
      • SQL Injection when using native queries -> (User builds his own app by using native queries)
      • How to configure max post size in server (REST API)
      • How to delete demo user

      AT:

      • The documentation should not contain a step-by-step description of how to configure something.
      • It should point out that these topics should be considered during the setup of Camunda.
      • There should be a link that shows, for example, how to configure session timeouts on Tomcat.

      [1]: https://docs.camunda.org/manual/7.7/user-guide/security/


              roman.smirnov Roman Smirnov