The main purpose of the Jira issue is just for a blanked block on known
bad browsers - it is not intended to take any part of 'If you use
Internet Explorer you can be a Monitor but if you use Firefox you can be
SuperUser'.
Regards,
Darran Lofthouse.
On 16/12/13 21:50, Brian Stansberry wrote:
Darran,
How does this related to the notion we've chatted about of incorporate
environmental factors into role mapping?
- Brian
On 12/16/13 11:28 AM, Darran Lofthouse wrote:
> Personally I don't believe this is something that belongs under access
> control - this is not about changing what the user can access based on
> their client or address this is about preventing HTTP connections from
> known bad clients or locations.
>
> As we enable cross origin request handling we are placing a certain
> amount of trust in the users browser, one purpose of this change is to
> prevent known buggy broswer versions from being able to connect to the
> HTTP management interface.
>
> Regards,
> Darran Lofthouse.
>
>
> On 16/12/13 17:08, André Dietisheim wrote:
>> Hi
>>
>> I'm trying to come up with implementation for
>>
https://issues.jboss.org/browse/WFLY-705 where a user should be able to
>> restrict access to the management service by IP and UserAgent. The
>> filters are implemented and now I'm up to come up with the configuration
>> options. I'm thus asking for input.
>>
>> From a noob (sorry, I'm not very intimate with wildfly/undertow yet)
>> perspective <access-control> looks like a compelling tag to be nested
>> into <management-interfaces><http-interface>. Even though
>> <access-control> is used for RBAC currently, the code for it looks
>> abstract enough to get reused.
>>
>> Any ideas?
>>
>> Cheers
>> André
>>
>>
>> _______________________________________________
>> wildfly-dev mailing list
>> wildfly-dev(a)lists.jboss.org
>>
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/wildfly-dev
>