![]() ![]() |
|
Help for Process Engine Reference | |
Search | Index | |
![]() |
|
![]() |
![]() |
![]() |
Component Integrator security issuesThe Component Integrator makes it possible to access an external entity, such as a Java object or (Workplace only) Java messaging system (JMS), from a step in a workflow. For example, via the Component Integrator a workflow could:
Components are defined within an isolated region and can be used in any workflow defined within the isolated region. So that a component behaves consistently from workflow to workflow, the permissions a component has on the specific entity it interacts with are also defined at an isolated region level. For example, the CE operations have the necessary permissions to get and set document properties, file and unfile a document in a folder, and publish a document. So, if the CE Operation that publishes a document is used in both workflow A and workflow B, when the step containing that component is completed in either workflow, a document will be published. Because a component's permissions on an entity might exceed those that the user running the workflow has on that entity, FileNet recommends that you limit access to workflows that contain component steps, in order to protect the external systems. The following table summarizes the various security issues, and provides recommendations to help you provide security for external systems accessed by component steps.
|
![]() |
|
![]() |
|