All admin traffic should be encrypted by default
------------------------------------------------
Key: TEIID-1260
URL:
https://jira.jboss.org/browse/TEIID-1260
Project: Teiid
Issue Type: Quality Risk
Components: Server
Affects Versions: 7.1
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Priority: Critical
Fix For: 7.1.1
The admin api via the admin port can be used to transmit resources that contain passwords
or other sensitive information. Rather than just encrypting the logon messages, all
traffic should be secured.
It does not make sense to just extend our logon encryption scheme, since it would be
effectively the same as anonymous SSL.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira