topic Re: Authentication without REST in Alfresco Archive https://connect.hyland.com/t5/alfresco-archive/authentication-without-rest/m-p/51472#M30054 <HTML><HEAD></HEAD><BODY><BLOCKQUOTE class="jive-quote">But how to prevent not authorized users from starting instances and how to prevent completeing of tasks by 'guerilla-users'?</BLOCKQUOTE><BR /><SPAN>Might not what you want to hear, but the basic answer is: by implementing this. Just build a ui where they only get to see tasks that belong to them, cannot change id's to get to other tasks etc… Basically like you would secure any other webapp with shared data.</SPAN></BODY></HTML> Fri, 15 Jul 2011 13:22:44 GMT ronald_van_kuij 2011-07-15T13:22:44Z Authentication without REST https://connect.hyland.com/t5/alfresco-archive/authentication-without-rest/m-p/51471#M30053 Hi,Using the REST-API, the user has to login to do any action on the engine. As I have seen, no authentication/authorisation at all is needed when using the Java-API directly. I'd like to achieve the following goals<IMG id="smileysurprised" class="emoticon emoticon-smileysurprised" src="https://migration33.stage.lithium.com/i/smilies/16x16_smiley-surprised.png" alt="Smiley Surprised" title="Smiley Surprised" />nly existing users can start process instances an the userId is stored in START_USE Fri, 15 Jul 2011 12:26:30 GMT https://connect.hyland.com/t5/alfresco-archive/authentication-without-rest/m-p/51471#M30053 gant 2011-07-15T12:26:30Z Re: Authentication without REST https://connect.hyland.com/t5/alfresco-archive/authentication-without-rest/m-p/51472#M30054 <HTML><HEAD></HEAD><BODY><BLOCKQUOTE class="jive-quote">But how to prevent not authorized users from starting instances and how to prevent completeing of tasks by 'guerilla-users'?</BLOCKQUOTE><BR /><SPAN>Might not what you want to hear, but the basic answer is: by implementing this. Just build a ui where they only get to see tasks that belong to them, cannot change id's to get to other tasks etc… Basically like you would secure any other webapp with shared data.</SPAN></BODY></HTML> Fri, 15 Jul 2011 13:22:44 GMT https://connect.hyland.com/t5/alfresco-archive/authentication-without-rest/m-p/51472#M30054 ronald_van_kuij 2011-07-15T13:22:44Z