You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@brooklyn.apache.org by "Sam Corbett (JIRA)" <ji...@apache.org> on 2014/09/08 15:24:28 UTC

[jira] [Commented] (BROOKLYN-51) Remote access without configuring a username and password

    [ https://issues.apache.org/jira/browse/BROOKLYN-51?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14125472#comment-14125472 ] 

Sam Corbett commented on BROOKLYN-51:
-------------------------------------

For point 3 is the suggestion to check the remote address of the request and assume it's unspoofable? See: http://serverfault.com/questions/381393/can-the-ip-address-for-an-http-request-be-spoofed

> Remote access without configuring a username and password
> ---------------------------------------------------------
>
>                 Key: BROOKLYN-51
>                 URL: https://issues.apache.org/jira/browse/BROOKLYN-51
>             Project: Brooklyn
>          Issue Type: Sub-task
>    Affects Versions: 0.7.0-M1
>            Reporter: Richard Downer
>            Assignee: Sam Corbett
>             Fix For: 0.7.0
>
>
> By default, if Brooklyn is not configured with a username+password in brooklyn.properties, Brooklyn will *only* bind to the localhost interface, refusing connections from the network.
> To ease first time users starting Brooklyn on a server, change Brooklyn to:
> 1. Always bind on all interfaces;
> 2. If no username and password is configured, generate one randomly and print the details to the console
> 3. Additionally, if no username and password is configured, continue to allow passwordless logins on the localhost interface.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)