Camunda v7.3 - Access Rights

[Frank Bitzer]

Hi there,

I just switched from Camunda 7.2 to 7.3.

We are using the LDAP plugin. While in v7.2 every (LDAP) user could login to the tasklist application and start processes, claim tasks of his group etc., in v7.3 all access seems to be restricted and requires an explicit entry at the admin interface.

Now I am looking for a way to allow every user and group to login, start processes and handle tasks the way it was in v7.2 WITHOUT having to declare an access permission for every single user or group (we have a lot of users and groups...).

I just tried to create a wildcard * rule for each permission type, but this did not work.

Any clues?

Cheers

Frank

[Bernd Rücker (camunda)]

Hi Frank.

 

This section in the docs should help: http://docs.camunda.org/latest/guides/user-guide/#authorization-type

 

Cheers

Bernd

--
You received this message because you are subscribed to the Google Groups "camunda BPM users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to camunda-bpm-us...@googlegroups.com.
To post to this group, send email to camunda-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/camunda-bpm-users/5dac3c0e-116d-4b67-9b59-33f8b7ca6574%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Sebastian Menski]

Hi Frank,

did you execute the upgrade script for your database [1]? They all contain a section to add global grant authorizations for everyone, eg for postgresql [2].

Cheers,

Sebastian

[1] https://github.com/camunda/camunda-bpm-platform/tree/7.3.0/distro/sql-script/upgrade

[2] https://github.com/camunda/camunda-bpm-platform/blob/7.3.0/distro/sql-script/upgrade/postgres_engine_7.2_to_7.3.sql#L126-139

[Frank Bitzer]

Hi Sebastian,

executing the SQL statement you mentioned did the trick!

I think what I did wrong was using the authorization type "ALLOW" instead of "GLOBAL" for my wildcard rules.

Thanks a lot!
Frank