Security

Security or application security in this context refers to protecting the services and data provided by jBPM from unauthorized access (authentication) and at the same time ensuring that the users can access the set of services and data authorized for them (authorization).

Another important perspective that we have to consider in a BPM system is providing non-repudiation for all the user interactions. jBPM supports this by providing an audit logging facility for all runtime data changes.

Note

Non-repudiation assures that a user cannot deny performing an action or operation in the system.

Securing the access of application assets

jBPM, usually deployed in an application server, uses a JEE-compatible standard, that is, Java Authentication and ...

Get Mastering jBPM6 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.