otf-camunda/src/main/resources/META-INF/securityFilterRules.json

   1 {\r
   2   "pathFilter": {\r
   3     "deniedPaths": [\r
   4       {\r
   5         "path": "/camunda/api/engine/.*",\r
   6         "methods": "*"\r
   7       },\r
   8       {\r
   9         "path": "/camunda/api/cockpit/.*",\r
  10         "methods": "*"\r
  11       },\r
  12       {\r
  13         "path": "/camunda/app/tasklist/{engine}/.*",\r
  14         "methods": "*"\r
  15       },\r
  16       {\r
  17         "path": "/camunda/app/cockpit/{engine}/.*",\r
  18         "methods": "*"\r
  19       }\r
  20     ],\r
  21     "allowedPaths": [\r
  22       {\r
  23         "path": "/camunda/api/engine/engine/",\r
  24         "methods": "GET"\r
  25       },\r
  26       {\r
  27         "path": "/camunda/api/{app:cockpit}/plugin/{engine}/static/.*",\r
  28         "methods": "GET"\r
  29       },\r
  30       {\r
  31         "path": "/camunda/api/{app:cockpit}/plugin/{plugin}/{engine}/.*",\r
  32         "methods": "*",\r
  33         "authorizer": "org.camunda.bpm.webapp.impl.security.filter.EngineRequestAuthorizer"\r
  34       },\r
  35       {\r
  36         "path": "/camunda/api/engine/engine/{engine}/.*",\r
  37         "methods": "*",\r
  38         "authorizer": "org.camunda.bpm.webapp.impl.security.filter.EngineRequestAuthorizer"\r
  39       },\r
  40       {\r
  41         "path": "/camunda/app/{app:cockpit}/{engine}/.*",\r
  42         "methods": "*",\r
  43         "authorizer": "org.camunda.bpm.webapp.impl.security.filter.ApplicationRequestAuthorizer"\r
  44       },\r
  45       {\r
  46         "path": "/camunda/app/{app:tasklist}/{engine}/.*",\r
  47         "methods": "*",\r
  48         "authorizer": "org.camunda.bpm.webapp.impl.security.filter.ApplicationRequestAuthorizer"\r
  49       }\r
  50     ]\r
  51   }\r
  52 }\r