[jboss-jira] [JBoss JIRA] (WFLY-705) Implement a User Agent and Remote Address Filter for the HTTP Management Interface
Andre Dietisheim (JIRA)
issues at jboss.org
Fri Dec 13 11:38:33 EST 2013
[ https://issues.jboss.org/browse/WFLY-705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12931205#comment-12931205 ]
Andre Dietisheim commented on WFLY-705:
---------------------------------------
Stuart Douglas updated the handler in Undertow to a more generic form that allows you to do some regex-acl against ANY request header. Personally this very much matches my gusto. I saw some behaviour I'm not sure about though:
The handler would check the request header attribute for being null. If it is, it would disallow. I'm wondering if it's not also possible that a non-existing user-agent is considered valid.
> Implement a User Agent and Remote Address Filter for the HTTP Management Interface
> ----------------------------------------------------------------------------------
>
> Key: WFLY-705
> URL: https://issues.jboss.org/browse/WFLY-705
> Project: WildFly
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: Andre Dietisheim
> Fix For: Awaiting Volunteers
>
>
> The HTTP Management interface provides access to manage the domain model; this interface is partly dependent on the protection supplied by an end user's web browser.
> This feature request is to optionally filter inbound requests based on a configurable list of supported user agents and/or remote addresses - this will mean buggy browser versions can be excluded and remote clients restricted.
> Anyone interested in contributing please feel free to ping darranl in #jboss-as7.
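The question raised in the comment above is whether a request that lacks the checked header is denied or allowed. This added example (not Undertow's handler and not code from this thread) is a stand-alone Java model of a regex ACL over one request header, with the missing-header policy made an explicit setting. The class name, its methods and the sample header values are hypothetical and constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;

/** Hypothetical model of a regex ACL over one request header (Java 16+ for records). */
public class HeaderAcl {
    private record Rule(Pattern pattern, boolean allow) {}

    private final String header;            // lower-cased header name to inspect
    private final boolean allowWhenMissing; // explicit policy for an absent header
    private final boolean defaultAllow;     // policy when no rule matches
    private final List<Rule> rules = new ArrayList<>();

    public HeaderAcl(String header, boolean allowWhenMissing, boolean defaultAllow) {
        this.header = header.toLowerCase();
        this.allowWhenMissing = allowWhenMissing;
        this.defaultAllow = defaultAllow;
    }

    public HeaderAcl allow(String regex) { rules.add(new Rule(Pattern.compile(regex), true)); return this; }
    public HeaderAcl deny(String regex)  { rules.add(new Rule(Pattern.compile(regex), false)); return this; }

    /** Assumes the caller has lower-cased the header names used as map keys. */
    public boolean isAllowed(Map<String, String> headers) {
        String value = headers.get(header);
        if (value == null) {
            return allowWhenMissing;        // the case the comment asks about
        }
        for (Rule r : rules) {              // first matching rule wins
            if (r.pattern().matcher(value).matches()) {
                return r.allow();
            }
        }
        return defaultAllow;
    }

    public static void main(String[] args) {
        // Constructed sample requests: a browser, an excluded browser, no User-Agent at all.
        Map<String, String> ok = Map.of("user-agent", "Mozilla/5.0 (X11; Linux x86_64) Firefox/26.0");
        Map<String, String> old = Map.of("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
        Map<String, String> none = Map.of();

        HeaderAcl strict = new HeaderAcl("User-Agent", false, false).deny(".*MSIE 6\\..*").allow("Mozilla/.*");
        HeaderAcl lenient = new HeaderAcl("User-Agent", true, false).deny(".*MSIE 6\\..*").allow("Mozilla/.*");

        System.out.println("strict:  " + strict.isAllowed(ok) + " " + strict.isAllowed(old) + " " + strict.isAllowed(none));
        System.out.println("lenient: " + lenient.isAllowed(ok) + " " + lenient.isAllowed(old) + " " + lenient.isAllowed(none));
    }
}
```

With `allowWhenMissing` set to true, a client can bypass every deny pattern by omitting the header. User-Agent is client-supplied in any case, so such a filter can exclude known-buggy browsers but does not authenticate a client.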