I use a implementation of org.camunda.bpm.engine.impl.interceptorDelegateInterceptor to authenticate a user for executing as asynchron task (async:before=true).
In a clustered scenario I get problems with wrong authentication.
Let me explain this in detail.
I have a process which is started when a instance of class Person is saved in system.
The start event of the process is marked as async:before= true so the process ist executed asynchronoulsy.
The Person object holds information about the user which created it (Audit information).
There is one service task in the process which manipulates the Person object and updates information in database including audit information about the user which manipulates the object which have to be the same as the creator in this example.
Therefore we use a DelegateInterceptor to authenticate the user which created the Person object before execution the service task asynchron.
This worked fine in our tests but we did not test concurrency.
Unfortunately in production it seems this leads to concurrency issues.
There are many Person objects saved in one minute and there could be more than one process instance parallel trying to execute its service task.
In many cases the modifier of the Person object is not the same as the creator so in my opinion the thread where the user is authenticated via DelegateInterceptor is not the same as the thread executing the service task.
Is there some documentation about DelegateInterceptor or a standard way to authenticate users for asynchronous task in camunda which is thread safe?
Do you understand the problem or do I have to add further information?
Thanks and best regards,
Markus