This function does not exist in the current console. One of the key requirements is that
the console is usable out of the box for administration of a jBPM installation. The GPD
relies on unauthenticated access to upload processes. Therefore we should have a
separate WAR file that contains this servlet (and any other development-time no-security
servlets) that can be deployed during development and removed in a production environment.
Otherwise we have a pretty scary security hole.
View the original post :
Reply to the post :