Hi all,

We are using a custom security provider to allocate permissions to processes. I have given admin rights to a group from my custom provider, and this allows users to start process instances and execute actions etc (I have verified in the workspace that the originator of the process is a user from the custom security label). However, the same user is unable to use workflow SmartObjects for reports. I have tested this with the SmartObject tester by doing the following:

1. Group has admin rights. User can start and participate in process but listing process instances returns nothing.

2. Group has no rights. User cannot start, participate or report on process.

3. Group has admin rights, user has view rights. User can now start process AND listing process instances returns valid process instances.

In other words the security label seems to be working correctly in that assigning start rights works, but not view rights.

Any ideas guys?

Thanks!