Uploaded image for project: 'jBPM'
  1. jBPM
  2. JBPM-6649

Users without kie-server role can access kie-server REST api

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Major
    • None
    • 7.4.1.Final
    • None
    • None
    • NEW
    • NEW

    Description

      When deploying kie-server on Tomcat with LDAP Realm, I found that a user without `kie-server` role can access kie-server REST api, which is not consistent with document.

      Attachments

        Activity

          People

            swiderski.maciej Maciej Swiderski (Inactive)
            dramwang Xin Wang (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: