"david.lloyd(a)jboss.com" wrote : Tom has urged me to put this servlet back in - so for now I'm just going to put a large warning/disclaimer about removing the servlet before putting the application into production.
|
i want to proceed along 2 tracks concurrently.
first i want to restore the previous situation to make sure the gpd deployment works again and so that we can do an update release asap. i don't want to stall the current release because of this issue.
secondly we need to keep thinking in this thread to find the real solution to the problem.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4049910#4049910
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4049910
Tom has urged me to put this servlet back in - so for now I'm just going to put a large warning/disclaimer about removing the servlet before putting the application into production.
I hope that everyone reads closely all the configuration files in the console when deploying to production. For this reason, one of the packaging options for the console is an exploded war, where all the configuration files are easily accessed.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4049887#4049887
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4049887
https would not be difficult for eclipse (using a client certificate would, not basic authentication)
Configuring JBoss (or the web frontend) is. but if people want to do this.... it's up to them. I do not see a problem here.. Besides that, the form based authentication is also http atm....
anonymous wrote : I was just waiting (already for a year or more) for this issue to come up :-)) WHAT and you did not do anything about it? Not even file a Jira issue... shame on you
anonymous wrote : In any case, we need to ask ourselves if someone would really use the designer to deploy in a production setting. Agreed.... we wouldn't
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4049795#4049795
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4049795
I was just waiting (already for a year or more) for this issue to come up :-))
As Tom already told, it has to be fixed. The proper sequence of steps is probably to first follow Ronald's suggestion with the possibility to set the credentials somewhere in a preference page. As a followup we could investigate to use https to do the authentication, but to do that, we need to adapt the console.
In any case, we need to ask ourselves if someone would really use the designer to deploy in a production setting.
Cheers,
Koen
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4049782#4049782
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4049782
