Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-1660

Authorization check can fail if user exist in multiple engines

    Details

    • Type: Bug Report
    • Status: Done
    • Priority: L3 - Default
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.3.0
    • Component/s: backend
    • Labels:
    • Title Keywords:
      authorization permissions

      Description

      Prerequisite:
      Say you have configured two engines, EA and EB, both using same user base (i.e. LDAP). Further, say AE grants optimize access to U while EB has not grant or a revoke for U.

      Expected behaviour:
      If U logs in, he will be granted to access optimize.

      Current behaviour:
      Non-deterministic, since check depends on the order in which engines are checked for authorizations.

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            Unassigned
            Reporter:
            ragnar.nevries Ragnar Nevries
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: