Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-8651

Camunda Authorization Checks

    XMLWordPrintable

    Details

    • Type: Feature Request
    • Status: Closed
    • Priority: L3 - Default
    • Resolution: Duplicate
    • Affects Version/s: 7.7.0
    • Fix Version/s: None
    • Component/s: cockpit, engine
    • Labels:
      None

      Description

      Hello Camunda Support,

      We would like to support authorization checks for Camunda Web Applications only, and not during API invoked process engine calls.

      Situations in which authorization is required:
      	•	Camunda Webapplication is made accessible to users who should not have full access, even after authentication.
      
      Situations in which authorization is not required
      	•	An application completely controls the API methods invoked on the process engine.
      

      Can you please provide any configuration options for supporting this requirement.

      The org.camunda.bpm.engine.ProcessEngineConfiguration.authorizationEnabled could use a ThreadLocal, but I'm looking for alternatives to sub-classing the configuration.

      Thanks,

      Nick

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            nmeverden@24hourfit.com Nick Meverden
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: