[jboss-jira] [JBoss JIRA] Closed: (JBMESSAGING-1629) do not hard-code management cluster admin user
Jeff Mesnil (JIRA)
jira-events at lists.jboss.org
Wed Jun 10 07:20:56 EDT 2009
[ https://jira.jboss.org/jira/browse/JBMESSAGING-1629?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jeff Mesnil closed JBMESSAGING-1629.
------------------------------------
Resolution: Done
fixed in the trunk (see changelog)
> do not hard-code management cluster admin user
> ----------------------------------------------
>
> Key: JBMESSAGING-1629
> URL: https://jira.jboss.org/jira/browse/JBMESSAGING-1629
> Project: JBoss Messaging
> Issue Type: Bug
> Components: Configuration and Management
> Reporter: Jeff Mesnil
> Assignee: Jeff Mesnil
> Priority: Minor
> Fix For: 2.0.0.GA
>
>
> management cluster admin user is hard-coded in SecurityStoreImpl and we bypass security check for it.
> instead, the user should be configurable (like the management cluster password) and a regular
> user (with "manage" permission) should be created instead.
> From SecurityStoreImpl point of view, this will remove special case to handle this cluster admin user.
> Warning about not changing the default cluster credentials will have to be moved from the SecurityStoreImpl
> to either FileConfiguration (when reading the value from the conf) or ManagementServiceImpl
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list