[jboss-jira] [JBoss JIRA] (AS7-4769) Remove no users redirect from /management context

Darran Lofthouse (JIRA) jira-events at lists.jboss.org
Thu May 10 11:52:17 EDT 2012 

     [ https://issues.jboss.org/browse/AS7-4769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse updated AS7-4769:
----------------------------------

    Description: 
For AS 7.1.0 we secured the server by default, to make getting started easier we added an automatic redirect on the http interface if a user attempts to connect but no users have been defined, currently this redirect is on both /console and /management

We need to remove the redirect on /management as utilities connecting to this context may not be web browsers with an ability to do anything about the redirect.  

Instead consider a HTTP 503 with a DMR response indicating no users have been defined, the error message could even contain the URL of the error page allowing users to move from the tool to their web browser to see the page we provide.

  was:
For AS 7.1.0 we secured the server by default, to make getting started easier we added an automatic redirect on the http interface if a user attempts to connect but no users have been defined, currently this redirect is on both /console and /management

We need to remove the redirect on /management as utilities connecting to this context may not be web browsers with an ability to do anything about the redirect - instead we should most likely leave the http 401 in place to request authentication and possibly include some text in the response to indicate no users are defined yet.


    
> Remove no users redirect from /management context
> -------------------------------------------------
>
>                 Key: AS7-4769
>                 URL: https://issues.jboss.org/browse/AS7-4769
>             Project: Application Server 7
>          Issue Type: Task
>          Components: Domain Management, Security
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>             Fix For: 7.1.3.Final (EAP), 7.2.0.Alpha1
>
>
> For AS 7.1.0 we secured the server by default, to make getting started easier we added an automatic redirect on the http interface if a user attempts to connect but no users have been defined, currently this redirect is on both /console and /management
> We need to remove the redirect on /management as utilities connecting to this context may not be web browsers with an ability to do anything about the redirect.  
> Instead consider a HTTP 503 with a DMR response indicating no users have been defined, the error message could even contain the URL of the error page allowing users to move from the tool to their web browser to see the page we provide.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list