Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-3555

Collection Authorization inconsistencies with LDAP authentication in CAM BPM

    XMLWordPrintable

    Details

    • Type: Bug Report
    • Status: Done
    • Priority: L3 - Default
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.1.0
    • Component/s: backend
    • Labels:
      None

      Description

      Given:
      The authentication backend used in the engine is case insensitive (e.g. ldap)

      When:
      I login with a userId with all uppercase characters, e.g. "PETER".
      And create collections or private entities

      Then:
      I don't see the collections if I login with an all lowercase userId, "peter" although I'm the same user.

      Expected:
      I should see the same resources being the same user.

      AT:

      • any authorizations should not depend on the case of the userId/Name input by the user, we should always resolve the actual userId from the authentication backend

      Hint:
      Authorizations in the engine are as well case-sensitive, so we shouldn't implement different behavior there yet. But we can resolve this issue by normalizing the userId on successful login/authentication.

        mgm-controller-panel

        This is the controller panel for Smart Panels app

          Attachments

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              sebastian.bathke Sebastian Bathke
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Salesforce