Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-9651

Webapp is not accessible when an identity provider returns invalid group IDs for a user

    Details

      Description

      Scenario:

      • The identity provider (e.g. ldap) returns null group ids (this is not expected by the identity provider, but can happen due to problems in that system)

      Current behavior:

      • User authentication in the engine throws an exception and Cockpit is not usable

      Expected behavior:

      • Cockpit/engine should ignore invalid group ids and log a warning or error
      • It may then be that the user has less access permissions than expected, because not all groups have been resolved correctly
      • This is more graceful degradation of service

      Context:

        Activity

          People

          • Assignee:
            nikola.koevski Nikola Koevski
            Reporter:
            thorben.lindhauer Thorben Lindhauer
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development