You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Rob Godfrey (JIRA)" <ji...@apache.org> on 2015/04/10 15:22:12 UTC

[jira] [Updated] (QPID-6488) [Java Broker] HTTP management may use wrong authentication provider

     [ https://issues.apache.org/jira/browse/QPID-6488?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rob Godfrey updated QPID-6488:
------------------------------
    Status: Reviewable  (was: In Progress)

> [Java Broker] HTTP management may use wrong authentication provider
> -------------------------------------------------------------------
>
>                 Key: QPID-6488
>                 URL: https://issues.apache.org/jira/browse/QPID-6488
>             Project: Qpid
>          Issue Type: Bug
>    Affects Versions: 0.28, 0.30
>            Reporter: Rob Godfrey
>            Assignee: Rob Godfrey
>             Fix For: 6.0 [Java]
>
>
> In the case where there are two HTTP management ports, bound to the same port number, but on different interfaces, and those two HTTP management ports use different authentication providers, then the wrong authentication provider may be used.  This is because we check only the port number when looking up the authentication provider for an HTTP request.
> Instead we should associate the port model object with the HTTPRequest as an attribute from the Jetty Connector object



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org