Camunda Authorization Checks

XMLWordPrintable

    • Type: Feature Request
    • Resolution: Duplicate
    • Priority: L3 - Default
    • None
    • Affects Version/s: 7.7.0
    • Component/s: cockpit, engine
    • None

      Hello Camunda Support,

      We would like to support authorization checks for Camunda Web Applications only, and not during API invoked process engine calls.

      Situations in which authorization is required:
	•	Camunda Webapplication is made accessible to users who should not have full access, even after authentication.

Situations in which authorization is not required
	•	An application completely controls the API methods invoked on the process engine.

      Can you please provide any configuration options for supporting this requirement.

      The org.camunda.bpm.engine.ProcessEngineConfiguration.authorizationEnabled could use a ThreadLocal, but I'm looking for alternatives to sub-classing the configuration.

      Thanks,

      Nick

        This is the controller panel for Smart Panels app

              Assignee:
              Unassigned
              Reporter:
              Nick Meverden
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: