You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Philip Harvey (JIRA)" <ji...@apache.org> on 2012/08/27 16:13:07 UTC
[jira] [Created] (QPID-4253) Make web UI support for BASIC
authentication configurable
Philip Harvey created QPID-4253:
-----------------------------------
Summary: Make web UI support for BASIC authentication configurable
Key: QPID-4253
URL: https://issues.apache.org/jira/browse/QPID-4253
Project: Qpid
Issue Type: Improvement
Components: Java Broker
Reporter: Philip Harvey
Priority: Minor
Fix For: 0.19
The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Assigned] (QPID-4253) Make web UI support for BASIC
authentication configurable
Posted by "Keith Wall (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4253?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Keith Wall reassigned QPID-4253:
--------------------------------
Assignee: Keith Wall (was: Robbie Gemmell)
> Make web UI support for BASIC authentication configurable
> ---------------------------------------------------------
>
> Key: QPID-4253
> URL: https://issues.apache.org/jira/browse/QPID-4253
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Philip Harvey
> Assignee: Keith Wall
> Priority: Minor
> Fix For: 0.19
>
>
> The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
> By default, we probably want BASIC to be only enabled for SSL connections.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Commented] (QPID-4253) Make web UI support for BASIC
authentication configurable
Posted by "Keith Wall (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4253?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13447791#comment-13447791 ]
Keith Wall commented on QPID-4253:
----------------------------------
Reviewed, no comments.
> Make web UI support for BASIC authentication configurable
> ---------------------------------------------------------
>
> Key: QPID-4253
> URL: https://issues.apache.org/jira/browse/QPID-4253
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Philip Harvey
> Assignee: Keith Wall
> Priority: Minor
> Fix For: 0.19
>
>
> The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
> By default, we probably want BASIC to be only enabled for SSL connections.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-4253) Make web UI support for BASIC
authentication configurable
Posted by "Philip Harvey (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4253?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Philip Harvey updated QPID-4253:
--------------------------------
Description:
The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
By default, we probably want BASIC to be only enabled for SSL connections.
was:The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
> Make web UI support for BASIC authentication configurable
> ---------------------------------------------------------
>
> Key: QPID-4253
> URL: https://issues.apache.org/jira/browse/QPID-4253
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Philip Harvey
> Priority: Minor
> Fix For: 0.19
>
>
> The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
> By default, we probably want BASIC to be only enabled for SSL connections.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Resolved] (QPID-4253) Make web UI support for BASIC
authentication configurable
Posted by "Keith Wall (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4253?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Keith Wall resolved QPID-4253.
------------------------------
Resolution: Fixed
> Make web UI support for BASIC authentication configurable
> ---------------------------------------------------------
>
> Key: QPID-4253
> URL: https://issues.apache.org/jira/browse/QPID-4253
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Philip Harvey
> Assignee: Keith Wall
> Priority: Minor
> Fix For: 0.19
>
>
> The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
> By default, we probably want BASIC to be only enabled for SSL connections.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Assigned] (QPID-4253) Make web UI support for BASIC
authentication configurable
Posted by "Robbie Gemmell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4253?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robbie Gemmell reassigned QPID-4253:
------------------------------------
Assignee: Robbie Gemmell
> Make web UI support for BASIC authentication configurable
> ---------------------------------------------------------
>
> Key: QPID-4253
> URL: https://issues.apache.org/jira/browse/QPID-4253
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Philip Harvey
> Assignee: Robbie Gemmell
> Priority: Minor
> Fix For: 0.19
>
>
> The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
> By default, we probably want BASIC to be only enabled for SSL connections.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Updated] (QPID-4253) Make web UI support for BASIC
authentication configurable
Posted by "Keith Wall (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4253?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Keith Wall updated QPID-4253:
-----------------------------
Status: Ready To Review (was: In Progress)
> Make web UI support for BASIC authentication configurable
> ---------------------------------------------------------
>
> Key: QPID-4253
> URL: https://issues.apache.org/jira/browse/QPID-4253
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Philip Harvey
> Assignee: Robbie Gemmell
> Priority: Minor
> Fix For: 0.19
>
>
> The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
> By default, we probably want BASIC to be only enabled for SSL connections.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
[jira] [Closed] (QPID-4253) Make web UI support for BASIC
authentication configurable
Posted by "Keith Wall (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-4253?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Keith Wall closed QPID-4253.
----------------------------
> Make web UI support for BASIC authentication configurable
> ---------------------------------------------------------
>
> Key: QPID-4253
> URL: https://issues.apache.org/jira/browse/QPID-4253
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Philip Harvey
> Assignee: Keith Wall
> Priority: Minor
> Fix For: 0.19
>
>
> The web management interface added in QPID-3999 currently supports BASIC authentication. When using HTTP this is an insecure authentication mechanism. We should therefore allow support for this mechanism to be configurable rather than being always enabled.
> By default, we probably want BASIC to be only enabled for SSL connections.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org