You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@phoenix.apache.org by "Maica Bisaya (JIRA)" <ji...@apache.org> on 2017/06/30 07:16:00 UTC

[jira] [Created] (PHOENIX-3985) Phoenix SQuirrel log in allows non-existing users/wrong passwords and can query

Maica Bisaya created PHOENIX-3985:
-------------------------------------

             Summary: Phoenix SQuirrel log in allows non-existing users/wrong passwords and can query
                 Key: PHOENIX-3985
                 URL: https://issues.apache.org/jira/browse/PHOENIX-3985
             Project: Phoenix
          Issue Type: Bug
         Environment: Operating System = Ubuntu 14.04.5
Software platform = Hortonworks Hadoop Platform
            Reporter: Maica Bisaya
            Priority: Critical


Any user (existing or non existing), also user with wrong password can log in and run an sql query via Phoenix Squirrel. Meaning there's no access limitation. Please check on this for version 3.7



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)