You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Nate Cole (JIRA)" <ji...@apache.org> on 2016/10/24 15:41:58 UTC
[jira] [Updated] (AMBARI-18680) Disallow POST and PUT operations on
a cluster
[ https://issues.apache.org/jira/browse/AMBARI-18680?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nate Cole updated AMBARI-18680:
-------------------------------
Component/s: ambari-server
> Disallow POST and PUT operations on a cluster
> ---------------------------------------------
>
> Key: AMBARI-18680
> URL: https://issues.apache.org/jira/browse/AMBARI-18680
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
> Reporter: Nate Cole
> Assignee: Nate Cole
> Priority: Critical
> Fix For: 2.5.0
>
>
> When invoking an Offline Upgrade, the server should be restricted for operation by the web client.
> * We can add a servlet filter to restrict this, then use a {{cluster-env}} property to indicate when the API should be locked down.
> * PUT/POST should all be disallowed
> ** Except when passing a custom header with calls that allows the functionality.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)