You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2015/04/10 14:46:13 UTC
[jira] [Commented] (QPID-6488) [Java Broker] HTTP management may
use wrong authentication provider
[ https://issues.apache.org/jira/browse/QPID-6488?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14489545#comment-14489545 ]
ASF subversion and git services commented on QPID-6488:
-------------------------------------------------------
Commit 1672632 from [~godfrer] in branch 'qpid/trunk'
[ https://svn.apache.org/r1672632 ]
QPID-6488 : Set the Port object as an attribute on every HttpRequest
> [Java Broker] HTTP management may use wrong authentication provider
> -------------------------------------------------------------------
>
> Key: QPID-6488
> URL: https://issues.apache.org/jira/browse/QPID-6488
> Project: Qpid
> Issue Type: Bug
> Affects Versions: 0.28, 0.30
> Reporter: Rob Godfrey
> Assignee: Rob Godfrey
> Fix For: 6.0 [Java]
>
>
> In the case where there are two HTTP management ports, bound to the same port number, but on different interfaces, and those two HTTP management ports use different authentication providers, then the wrong authentication provider may be used. This is because we check only the port number when looking up the authentication provider for an HTTP request.
> Instead we should associate the port model object with the HTTPRequest as an attribute from the Jetty Connector object
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org