Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-9109

When a user, group, or tenant is created, the given id is validated against a whitelist

    Details

    • Type: Bug Report
    • Status: Closed
    • Priority: L3 - Default
    • Resolution: Fixed
    • Affects Version/s: 7.10.0-alpha1
    • Fix Version/s: 7.10.0, 7.7.9, 7.8.8, 7.9.2
    • Component/s: engine
    • Labels:

      Description

      AT:

      • The process engine configuration has an option to configure a whitelist (as an regex)
      • The whitelist is used to verify whether the id of an user, group, or tenant (which should be created) matches against it
      • if not, then an exception is thrown and the user (group or tenant) is not created
      • by default the regex allows only alphanumeric values

      Hint:

      • The change is documented in the upgrade guide 7.9 to 7.10
      • When back porting the changes to 7.8 and 7.9 the current behavior should not break.

        Issue Links

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              michael.schoettes Michael Schoettes
              Reporter:
              roman.smirnov Smirnov Roman
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development