You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ace.apache.org by "Herko ter Horst (JIRA)" <ji...@apache.org> on 2014/02/24 16:53:21 UTC

[jira] [Created] (ACE-460) Provide a way to automate client access to an ACE server using a script

Herko ter Horst created ACE-460:
-----------------------------------

             Summary: Provide a way to automate client access to an ACE server using a script
                 Key: ACE-460
                 URL: https://issues.apache.org/jira/browse/ACE-460
             Project: ACE
          Issue Type: New Feature
          Components: Client Repository
            Reporter: Herko ter Horst
            Priority: Minor


In our use case (automatic deployment of bundles and ACE configuration settings from Bndtools), we would benefit from a way to automate client access to an ACE server using a (Gogo) script.

The attached patch provides a GogoServlet, intended to be used as part of an ACE client, that accepts Gogo scripts as input (in a "script" parameter) an executes them.

Note that while the commands in the script are subject to normal ACE server authentication when they are executed, the ScriptServlet itself is NOT secured in any way as of yet. Client security will need to be addressed more broadly, as the RESTServlet has the same problem. While there does not seem to be an immediate risk to ACE servers and targets, it leaves longer running ACE clients vulnerable.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)