You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@clerezza.apache.org by "Hasan Hasan (Jira)" <ji...@apache.org> on 2022/05/12 05:09:00 UTC

[jira] [Closed] (CLEREZZA-586) Login for Felix Webconsole

     [ https://issues.apache.org/jira/browse/CLEREZZA-586?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Hasan Hasan closed CLEREZZA-586.
--------------------------------
    Resolution: Abandoned

> Login for Felix Webconsole
> --------------------------
>
>                 Key: CLEREZZA-586
>                 URL: https://issues.apache.org/jira/browse/CLEREZZA-586
>             Project: Clerezza
>          Issue Type: Improvement
>            Reporter: Reto Gmür
>            Priority: Major
>              Labels: security
>
> Currently one logs in to the felix-webconsole using a password specified in the configuration of the webconsole. Ths password is not change when somebody changes the password for the admin user of clerezza but has to be changed independently.
> we should implement a org.apache.felix.webconsole.WebConsoleSecurityProvider[2] allowing Clerezza users with an appropriate condition to access the WebConsole. Alternative the clerezza bundle could also set a random-password to the WebConsole and provide a proxy that after doing access control returns the felix-console (adding the Authentication header and forwarding responses).



--
This message was sent by Atlassian Jira
(v8.20.7#820007)