You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@clerezza.apache.org by "Hasan Hasan (Jira)" <ji...@apache.org> on 2022/05/12 05:09:00 UTC
[jira] [Closed] (CLEREZZA-586) Login for Felix Webconsole
[ https://issues.apache.org/jira/browse/CLEREZZA-586?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hasan Hasan closed CLEREZZA-586.
--------------------------------
Resolution: Abandoned
> Login for Felix Webconsole
> --------------------------
>
> Key: CLEREZZA-586
> URL: https://issues.apache.org/jira/browse/CLEREZZA-586
> Project: Clerezza
> Issue Type: Improvement
> Reporter: Reto Gmür
> Priority: Major
> Labels: security
>
> Currently one logs in to the felix-webconsole using a password specified in the configuration of the webconsole. Ths password is not change when somebody changes the password for the admin user of clerezza but has to be changed independently.
> we should implement a org.apache.felix.webconsole.WebConsoleSecurityProvider[2] allowing Clerezza users with an appropriate condition to access the WebConsole. Alternative the clerezza bundle could also set a random-password to the WebConsole and provide a proxy that after doing access control returns the felix-console (adding the Authentication header and forwarding responses).
--
This message was sent by Atlassian Jira
(v8.20.7#820007)