Return-Path: X-Original-To: apmail-aurora-reviews-archive@minotaur.apache.org Delivered-To: apmail-aurora-reviews-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B76DA1825E for ; Tue, 30 Jun 2015 18:57:59 +0000 (UTC) Received: (qmail 49401 invoked by uid 500); 30 Jun 2015 18:57:59 -0000 Delivered-To: apmail-aurora-reviews-archive@aurora.apache.org Received: (qmail 49348 invoked by uid 500); 30 Jun 2015 18:57:59 -0000 Mailing-List: contact reviews-help@aurora.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: reviews@aurora.apache.org Delivered-To: mailing list reviews@aurora.apache.org Received: (qmail 49328 invoked by uid 99); 30 Jun 2015 18:57:59 -0000 Received: from reviews-vm.apache.org (HELO reviews.apache.org) (140.211.11.40) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Jun 2015 18:57:59 +0000 Received: from reviews.apache.org (localhost [127.0.0.1]) by reviews.apache.org (Postfix) with ESMTP id 90250A9856; Tue, 30 Jun 2015 18:57:57 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============4693969754839013009==" MIME-Version: 1.0 Subject: Re: Review Request 36060: Disabling h2 console by default. From: "Kevin Sweeney" To: "Kevin Sweeney" Cc: "Aurora" , "Maxim Khutornenko" Date: Tue, 30 Jun 2015 18:57:57 -0000 Message-ID: <20150630185757.13307.25938@reviews.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: "Kevin Sweeney" X-ReviewGroup: Aurora X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/36060/ X-Sender: "Kevin Sweeney" References: <20150630184606.13308.51002@reviews.apache.org> In-Reply-To: <20150630184606.13308.51002@reviews.apache.org> Reply-To: "Kevin Sweeney" X-ReviewRequest-Repository: aurora --===============4693969754839013009== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/36060/#review89948 ----------------------------------------------------------- Ship it! Ship It! - Kevin Sweeney On June 30, 2015, 11:46 a.m., Maxim Khutornenko wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/36060/ > ----------------------------------------------------------- > > (Updated June 30, 2015, 11:46 a.m.) > > > Review request for Aurora and Kevin Sweeney. > > > Repository: aurora > > > Description > ------- > > H2 console gives direct access (including modifications and deletions) to all scheduler data. This is too powerful to be ON by default especially when using scheduler in unsecure mode. > > > Diffs > ----- > > examples/vagrant/upstart/aurora-scheduler-kerberos.conf 3c9e13b52fd3f72ddf20c7869b5175761ac879cb > src/main/java/org/apache/aurora/scheduler/http/H2ConsoleModule.java a44ea08950b9d4b33503f4cfc6e28a32c619b3c8 > src/test/java/org/apache/aurora/scheduler/http/H2ConsoleModuleIT.java 9536fe3c484329066d8939edc40fa32525880ef5 > src/test/java/org/apache/aurora/scheduler/http/api/security/HttpSecurityIT.java 53ba949691768078ac17846b70d1baf440c444d4 > > Diff: https://reviews.apache.org/r/36060/diff/ > > > Testing > ------- > > > Thanks, > > Maxim Khutornenko > > --===============4693969754839013009==--